CVE-2009-4300

CVE-2009-4300 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Multiple unspecified authentication plugins in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 store the MD5 hashes for passwords in the user table, even when the cached hashes are not used by the plugin, which might make it easier for attackers to obtain credentials via unspecified vectors.

Learn more about our User Device Pen Test.