A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed.
{ "ubuntu_priority": "medium" }