VYPR
Unrated severityNVD Advisory· Published May 10, 2022· Updated Aug 3, 2024

CVE-2022-28601

CVE-2022-28601

Description

A Two-Factor Authentication (2FA) bypass vulnerability in "Simple 2FA Plugin for Moodle" by LMS Doctor allows remote attackers to overwrite the phone number used for confirmation via the profile.php file. Therefore, allowing them to bypass the phone verification mechanism.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • LMS Doctor/Simple 2FA Plugin for Moodledescription
  • Moodle/Moodlellm-fuzzy

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.