VYPR
Unrated severityNVD Advisory· Published Mar 19, 2021· Updated Aug 5, 2024

CVE-2019-14831

CVE-2019-14831

Description

A vulnerability was found in Moodle 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where forum subscribe link contained an open redirect if forced subscription mode was enabled. If a forum's subscription mode was set to "forced subscription", the forum's subscribe link contained an open redirect.

Affected products

2
  • Moodle/Moodledescription
  • Moodle/Moodlellm-fuzzy
    Range: >=3.5 <3.5.8 || >=3.6 <3.6.6 || >=3.7 <3.7.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.