VYPR
Unrated severityNVD Advisory· Published Aug 16, 2022· Updated Aug 4, 2024

CVE-2020-1755

CVE-2020-1755

Description

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For headers could be used to spoof a user's IP, in order to bypass remote address checks.

Affected products

3
  • Moodle/Moodlecpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: before 3.8.2, 3.7.5, 3.6.9, 3.5.11
  • osv-coords
    Range: >= 3.5.0, < 3.5.11

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.