Severity: Critical
CVSS Score: 9.8
A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed.