BIT-moodle-2021-32478
See a problem?- Import Source
- https://github.com/bitnami/vulndb/tree/main/data/moodle/BIT-moodle-2021-32478.json
- JSON Data
- https://api.osv.dev/v1/vulns/BIT-moodle-2021-32478
- Aliases
- Published
- 2024-03-06T11:09:51.482Z
- Modified
- 2024-03-06T11:25:28.861Z
- Summary
- [none]
- Details
-
The redirect URI in the LTI authorization endpoint required extra sanitizing to prevent reflected XSS and open redirect risks. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8 and earlier unsupported versions are affected.
- Database specific
{ "cpes": [ "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*" ], "severity": "Medium" }- References
Affected packages
Bitnami / moodle
Package
- Name
- moodle
- Purl
- pkg:bitnami/moodle
Severity
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator