High
CVSS 7.5
Overview
Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random password salt in config.php, which makes it easier for attackers to conduct brute-force password guessing attacks.
Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random password sal...
Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random password salt in config.php, which makes it easier for attackers to conduct brute-force password guessing attacks.
This vulnerability is rated 🟠 HIGH.
Recommended actions: