Moodle 1.8.x and 1.9.x prior to 1.9.8 does not enable the "Regenerate session id during login" setting by default, which makes it easier for remote malicious users to conduct session fixation attacks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
moodle moodle 1.8.6 |
||
moodle moodle 1.8.5 |
||
moodle moodle 1.8.11 |
||
moodle moodle 1.9.4 |
||
moodle moodle 1.8.4 |
||
moodle moodle 1.9.3 |
||
moodle moodle 1.9.5 |
||
moodle moodle 1.9.2 |
||
moodle moodle 1.8.8 |
||
moodle moodle 1.8.2 |
||
moodle moodle 1.8.1 |
||
moodle moodle 1.9.1 |
||
moodle moodle 1.8.7 |
||
moodle moodle 1.8.9 |
||
moodle moodle 1.8.3 |
||
moodle moodle 1.8.10 |
||
moodle moodle 1.9.6 |
||
moodle moodle 1.9.7 |