Description
Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified.
Remediation
References
Related Vulnerabilities
WordPress Plugin External Media without Import Cross-Site Scripting (1.0.1)
Atlassian Jira Deserialization of Untrusted Data Vulnerability (CVE-2017-5983)
WordPress Plugin Affiliates Multiple Cross-Site Scripting Vulnerabilities (2.13.1)
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-6211)