PT-2019-11589 · Moodle+1 · Moodle+1

Lindon Wass

Publicado

2019-06-18

Atualizado

2022-05-24

CVE-2019-10133

CVSS v3.1

6.1

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: Moodle versions prior to 3.7 Moodle version 3.6.4 and earlier Moodle version 3.5.6 and earlier Moodle version 3.4.9 and earlier Moodle version 3.1.18 and earlier

Description: A flaw was found in the form to upload cohorts, which contained a redirect field that was not restricted to internal URLs.

Recommendations: For versions prior to 3.7, update to version 3.7 or later. For version 3.6.4 and earlier, update to version 3.6.5 or later. For version 3.5.6 and earlier, update to version 3.5.7 or later. For version 3.4.9 and earlier, update to version 3.4.10 or later. For version 3.1.18 and earlier, update to version 3.1.19 or later.

Correção

Open Redirect

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-601

Identificadores relacionados

ALT-PU-2019-2080

ALT-PU-2019-2096

CVE-2019-10133

GHSA-5XP2-RV4H-MM2Q

Produtos afetados

Alt Linux

Moodle

PT-2019-11589 · Moodle+1 · Moodle+1

CVE-2019-10133

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 14