CVE-2024-45691: Moodle Lesson activity password bypass through PHP loose comparison
A flaw was found in Moodle. When restricting access to a lesson activity with a password, certain passwords could be bypassed or less secure due to a loose comparison in the password-checking logic. This issue only affected passwords set to “magic hash” values.
References
Detect and mitigate CVE-2024-45691 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →