Description
A vulnerability was found in Moodle versions 3.7 before 3.7.3, 3.6 before 3.6.7, 3.5 before 3.5.9 and earlier. OAuth 2 providers who do not verify users' email address changes require additional verification during sign-up to reduce the risk of account compromise.
Remediation
References
Related Vulnerabilities
WebLogic CVE-2020-14637 Vulnerability (CVE-2020-14637)
WordPress Plugin All-in-One WP Migration Information Disclosure (7.0)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-7449)
WordPress Plugin bbPress Cross-Site Scripting (2.5.8)
WordPress Plugin WP SVG Icons Cross-Site Request Forgery (3.2.1)