GHSA-jp4g-r8c9-3534

Source
https://github.com/advisories/GHSA-jp4g-r8c9-3534
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-jp4g-r8c9-3534/GHSA-jp4g-r8c9-3534.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-jp4g-r8c9-3534
Aliases
Published
2022-05-13T01:31:16Z
Modified
2024-04-23T23:58:48.923905Z
Severity
  • 10.0 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Moodle Blind SSRF Risk in /badges/mybackpack.php
Details

A flaw was found in Moodle versions 3.1 to 3.1.15 and earlier unsupported versions. The mybackpack functionality allowed setting the URL of badges, when it should be restricted to the Mozilla Open Badges backpack URL. This resulted in the possibility of blind SSRF via requests made by the page.

References

Affected packages

Packagist / moodle/moodle

Package

Name
moodle/moodle
Purl
pkg:composer/moodle/moodle

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.1
Fixed
3.1.16

Affected versions

v3.*

v3.1.0-beta
v3.1.0-rc1
v3.1.0-rc2
v3.1.0
v3.1.1
v3.1.2
v3.1.3
v3.1.4
v3.1.5
v3.1.6
v3.1.7
v3.1.8
v3.1.9
v3.1.10
v3.1.11
v3.1.12
v3.1.13
v3.1.14
v3.1.15