Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2006-4943

Опубликовано: 23 сент. 2006
Источник: debian
EPSS Низкий

Описание

course/jumpto.php in Moodle before 1.6.2 does not validate the session key (sesskey) before providing content from arbitrary local URIs, which allows remote attackers to obtain sensitive information via the jump parameter.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
moodlefixed1.6.2-1package
moodlenot-affectedsargepackage

EPSS

Процентиль: 56%
0.00333
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2006-4943

ubuntu
почти 19 лет назад

course/jumpto.php in Moodle before 1.6.2 does not validate the session key (sesskey) before providing content from arbitrary local URIs, which allows remote attackers to obtain sensitive information via the jump parameter.

nvd логотип

CVE-2006-4943

nvd
почти 19 лет назад

course/jumpto.php in Moodle before 1.6.2 does not validate the session key (sesskey) before providing content from arbitrary local URIs, which allows remote attackers to obtain sensitive information via the jump parameter.

github логотип

GHSA-73q4-xm6m-m55x

github
больше 3 лет назад

course/jumpto.php in Moodle before 1.6.2 does not validate the session key (sesskey) before providing content from arbitrary local URIs, which allows remote attackers to obtain sensitive information via the jump parameter.

EPSS

Процентиль: 56%
0.00333
Низкий