Moodle – Open Redirect

Description

During the scan, Kayran found an Open Redirect vulnerability in the Moodle platform.
An Open Redirect arises whenever an application takes input and then uses it to redirect the user.
The vulnerability occurs when a web application accepts untrusted or unvalidated input, which can cause the application to redirect the request to a URL contained in that input.

An attacker could craft a URL within the application that causes a redirect to a malicious external domain. This vulnerability can be used to perform successful phishing attacks and more.
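The validation that is missing when input is used for a redirect can be sketched as follows. This is an added example, not Moodle's code and not part of the original advisory; the function name `safe_redirect_target`, the host `lms.example.org` and the sample values are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumptions for this example: the site's own host and a safe default page.
ALLOWED_HOSTS = {"lms.example.org"}
FALLBACK = "/"


def safe_redirect_target(target, allowed_hosts=ALLOWED_HOSTS, fallback=FALLBACK):
    """Return target only if it stays on an allowed host, else fallback."""
    if not isinstance(target, str) or not target or target != target.strip():
        return fallback
    # Browsers treat "\" like "/" and drop tabs/newlines inside URLs, so
    # reject backslashes and control characters rather than normalising them.
    if "\\" in target or any(ord(c) < 0x20 or ord(c) == 0x7F for c in target):
        return fallback
    try:
        parts = urlsplit(target)
    except ValueError:  # e.g. malformed IPv6 literal
        return fallback
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept a local absolute path, never "//host".
        ok = target.startswith("/") and not target.startswith("//")
        return target if ok else fallback
    if parts.scheme not in ("http", "https"):
        return fallback
    # .hostname excludes userinfo and port, so "good@other" compares as "other".
    host = (parts.hostname or "").lower()
    return target if host in allowed_hosts else fallback


# Constructed sample values for a redirect parameter (not taken from the page).
SAMPLES = [
    "/courses/42",
    "https://lms.example.org/my/",
    "https://other.example.net/login",
    "//other.example.net/",
    "https://lms.example.org@other.example.net/",
    "/\\other.example.net",
]


def check_samples():
    """Map each sample to the location the application would actually use."""
    return {s: safe_redirect_target(s) for s in SAMPLES}


if __name__ == "__main__":
    for raw, final in check_samples().items():
        print(f"{raw!r:50} -> {final!r}")
```

Only the first two samples are returned unchanged; every other value falls back to `/`.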

Severity/Score

CVSS Version 3.x – 6.1 Medium

Recommendation

Update to the latest version released by Moodle (see the upgrade guide linked under References).

References

https://docs.moodle.org/400/en/Upgrading

https://cwe.mitre.org/data/definitions/601.html
