GoogleOSV:GHSA-C87J-9RRQ-H3J8Moodle allows attackers to trigger the generation of arbitrary messages
The LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not properly restrict the parameters used in a return URL, which allows remote attackers to trigger the generation of arbitrary messages via a modified URL, related to mod/lti/locallib.php and mod/lti/return.php.
References
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47927
openwall.com/lists/oss-security/2014/11/17/11
github.com/moodle/moodle
github.com/moodle/moodle/commit/15bde5352bd4bdb54105c0fdfd956c9ca420e4c6
github.com/moodle/moodle/commit/339c6eca3c881742178637cb41cc7ebbe4a3b6b0
github.com/moodle/moodle/commit/44e712e9b72a30c6bc01112040854e91f5758605
github.com/moodle/moodle/commit/edc89dfecb3f6891cea019baf2aecce51b3de41a
moodle.org/mod/forum/discuss.php?d=275165
nvd.nist.gov/vuln/detail/CVE-2014-9060
web.archive.org/web/20150914064838/www.securitytracker.com/id/1031215
Related
