Description
A flaw was found in Moodle 3.4 to 3.4.1, and 3.3 to 3.3.4. If a user account using OAuth2 authentication method was once confirmed but later suspended, the user could still login to the site.
Remediation
References
Related Vulnerabilities
WordPress Plugin YITH WooCommerce Ajax Product Filter Cross-Site Scripting (3.11.0)
Apache read beyond bounds in mod_isapi Vulnerability (CVE-2022-28330)
WordPress Plugin WooSidebars Cross-Site Scripting (1.4.1)
WordPress Plugin Annonces 'theme.php' Arbitrary File Upload (1.2.0.1)
WordPress Plugin Tutor LMS Elementor Addons Cross-Site Scripting (2.1.3)