4 matches found
CVE-2021-36396
In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk...
CVE-2021-36396
In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk...
CVE-2021-36396
Moodle is affected by CVE-2021-36396 due to insufficient redirect handling that allows blind SSRF by bypassing cURL blocked hosts/allowed ports restrictions. This is documented across multiple sources (NVD/OSV) as a Moodle SSRF risk with high impact to integrity; no detailed patch/version is prov...
Moodle 3.10.x < 3.10.5 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.8, 3.10.x prior to 3.10.5 or 3.11.x prior to 3.11.1. It is, therefore, affected by multiple vulnerabilities: - An SQL injection in the library fetching a user's enrolled courses. CVE-2021-36392 - An SQL injection in the...