Description
A flaw was found in Moodle 3.4 to 3.4.1, and 3.3 to 3.3.4. If a user account using OAuth2 authentication method was once confirmed but later suspended, the user could still login to the site.
Remediation
References
Related Vulnerabilities
WordPress Plugin Follow Me Cross-Site Request Forgery (3.1.1)
PHP Other Vulnerability (CVE-2004-1018)
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17299)
WordPress Plugin Image Slider by Ays-Responsive Slider and Carousel SQL Injection (2.4.9)
WordPress Plugin NextGEN Gallery-WordPress Gallery Unspecified Vulnerability (2.2.46)