Описание
Multiple open redirect vulnerabilities in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors related to (1) backup/backupfilesedit.php, (2) comment/comment_post.php, (3) course/switchrole.php, (4) mod/wiki/filesedit.php, (5) tag/coursetags_add.php, or (6) user/files.php.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.5.4-1ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [2.5.4-1ubuntu1]] |
| hardy | ignored | end of life |
| lucid | not-affected | 1.9.4.dfsg-0ubuntu4 |
| oneiric | not-affected | 1.9.9.dfsg2-3 |
| precise | not-affected | 1.9.9.dfsg2-6 |
| quantal | ignored | end of life |
| raring | ignored | end of life |
| saucy | not-affected | 2.5.2-1 |
| trusty | not-affected | 2.5.4-1ubuntu1 |
Показывать по
EPSS
5.8 Medium
CVSS2
Связанные уязвимости
Multiple open redirect vulnerabilities in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors related to (1) backup/backupfilesedit.php, (2) comment/comment_post.php, (3) course/switchrole.php, (4) mod/wiki/filesedit.php, (5) tag/coursetags_add.php, or (6) user/files.php.
Multiple open redirect vulnerabilities in Moodle 2.2.x before 2.2.7, 2 ...
Multiple open redirect vulnerabilities in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors related to (1) backup/backupfilesedit.php, (2) comment/comment_post.php, (3) course/switchrole.php, (4) mod/wiki/filesedit.php, (5) tag/coursetags_add.php, or (6) user/files.php.
EPSS
5.8 Medium
CVSS2