Описание
The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| moodle | removed | package |
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 1 года назад
The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.
CVSS3: 7.5
nvd
больше 1 года назад
The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.
CVSS3: 7.5
github
больше 1 года назад
Moodle HTTP authorization header is preserved between "emulated redirects"
