The rc4encrypt function in lib/moodlelib.php in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 uses a hardcoded password of nfgjeingjk, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by reading this script's source code within the open-source software distribution.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2012-07-17T10:00:00

Updated: 2024-08-06T18:38:14.299Z

Reserved: 2012-01-19T00:00:00

Link: CVE-2012-0794

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2012-07-17T10:20:52.973

Modified: 2024-11-21T01:35:44.313

Link: CVE-2012-0794

cve-icon Redhat

No data.