GoogleOSV:GHSA-XQCF-VGQC-PCMGMoodle blind Server-Side Request Forgery (SSRF) vulnerability in LTI provider library
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
7.1 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
69.7%
A blind Server-Side Request Forgery (SSRF) vulnerability was found in Moodle. This flaw exists due to insufficient validation of user-supplied input in LTI provider library. The library does not utilise Moodle’s inbuilt cURL helper, which resulted in a blind SSRF risk. An attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems. This vulnerability allows a remote attacker to perform SSRF attacks.
References
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-71920
bugzilla.redhat.com/show_bug.cgi?id=2142775
github.com/moodle/moodle
lists.fedoraproject.org/archives/list/[email protected]/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2
lists.fedoraproject.org/archives/list/[email protected]/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV
lists.fedoraproject.org/archives/list/[email protected]/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB
moodle.org/mod/forum/discuss.php?d=440772
nvd.nist.gov/vuln/detail/CVE-2022-45152
Related
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
7.1 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
69.7%