VYPR
Critical severity9.1NVD Advisory· Published Mar 31, 2020· Updated Jun 17, 2026

CVE-2019-14880

CVE-2019-14880

Description

A vulnerability was found in Moodle versions 3.7 before 3.7.3, 3.6 before 3.6.7, 3.5 before 3.5.9 and earlier. OAuth 2 providers who do not verify users' email address changes require additional verification during sign-up to reduce the risk of account compromise.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
moodle/moodlePackagist
>= 3.7.0, < 3.7.33.7.3
moodle/moodlePackagist
>= 3.6.0, < 3.6.73.6.7
moodle/moodlePackagist
>= 3.5.0, < 3.5.93.5.9

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.