Description
A vulnerability was found in Moodle versions 3.7 before 3.7.3, 3.6 before 3.6.7, 3.5 before 3.5.9 and earlier. OAuth 2 providers who do not verify users' email address changes require additional verification during sign-up to reduce the risk of account compromise.
Remediation
References
Related Vulnerabilities
Magento Insufficient Session Expiration Vulnerability (CVE-2021-21031)
Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2023-33950)
WordPress Plugin WooCommerce Conversion Tracking Cross-Site Request Forgery (2.0.4)
WordPress Plugin Login Security Solution Multiple Unspecified Vulnerabilities (0.50.0)