vulnerability

Moodle: URL Redirection to Untrusted Site ('Open Redirect') (CVE-2019-10133)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:N/AC:M/Au:N/C:P/I:P/A:N)	Jun 26, 2019	Nov 7, 2019	Nov 7, 2019

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:N)

Published

Jun 26, 2019

Added

Nov 7, 2019

Modified

Nov 7, 2019

Description

A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The form to upload cohorts contained a redirect field, which was not restricted to internal URLs.

Solution

moodle-upgrade-latest

References

CVE-2019-10133
https://attackerkb.com/topics/CVE-2019-10133
URL-https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10133
URL-https://moodle.org/mod/forum/discuss.php?d=386523

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today