Unrated severityNVD Advisory· Published May 10, 2022· Updated Aug 3, 2024
CVE-2022-28601
CVE-2022-28601
Description
A Two-Factor Authentication (2FA) bypass vulnerability in "Simple 2FA Plugin for Moodle" by LMS Doctor allows remote attackers to overwrite the phone number used for confirmation via the profile.php file. Therefore, allowing them to bypass the phone verification mechanism.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- LMS Doctor/Simple 2FA Plugin for Moodledescription
Patches
Vulnerability mechanics
References
1- www.lmsdoctor.com/simple-2-factor-authentication-plugin-for-moodlemitrex_refsource_MISC
News mentions
0No linked articles in our index yet.