Vulnerabilities > Lmsdoctor > 2 Factor Authentication > 2021072900
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-10 | CVE-2022-28986 | Authorization Bypass Through User-Controlled Key vulnerability in Lmsdoctor 2 Factor Authentication 2021072900 LMS Doctor Simple 2 Factor Authentication Plugin For Moodle Affected: 2021072900 has an Insecure direct object references (IDOR) vulnerability, which allows remote attackers to update sensitive records such as email, password and phone number of other user accounts. | 7.5 |