Moderate severityOSV Advisory· Published Mar 26, 2019· Updated Aug 4, 2024
CVE-2019-3851
CVE-2019-3851
Description
A vulnerability was found in moodle before versions 3.6.3 and 3.5.5. There was a link to site home within the the Boost theme's secure layout, meaning students could navigate out of the page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
moodle/moodlePackagist | >= 3.5, < 3.5.5 | 3.5.5 |
moodle/moodlePackagist | >= 3.6, < 3.6.3 | 3.6.3 |
Affected products
2Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-pj45-hp8h-289rghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2019-3851ghsaADVISORY
- bugzilla.redhat.com/show_bug.cgighsax_refsource_CONFIRMWEB
- github.com/moodle/moodle/commit/7f22b14efb3408645cede026ad11126f17e3f59aghsaWEB
- github.com/moodle/moodle/commit/911f7488068a56b05b0ad87be8f9e132075ab0a6ghsaWEB
- github.com/moodle/moodle/commit/c430bed525c4c7e6e5a1c0f7222bc323cf9b6245ghsaWEB
- moodle.org/mod/forum/discuss.phpghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.