Описание
Moodle vulnerable to Server-Side Request Forgery
In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk.
Пакеты
moodle/moodle
>= 3.11.0-beta, < 3.11.1
3.11.1
moodle/moodle
>= 3.10.0-beta, < 3.10.5
3.10.5
moodle/moodle
< 3.9.8
3.9.8
Связанные уязвимости
In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk.
In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk.
In Moodle, insufficient redirect handling made it possible to blindly ...
Уязвимость системы управления Moodle, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю осуществить SSRF-атаку