Moodle SSRF Vulnerability

The editblog.php script allows a registered user to add external RSS feed resources. It was identified that this feature could be abused to be used as a SSRF attack vector by adding a malicious URL/TCP PORT in order to target internal network or an internet hosted server, bypassing firewall rules...

GHSA-VJXX-54VW-Q59F Moodle SSRF Vulnerability

The editblog.php script allows a registered user to add external RSS feed resources. It was identified that this feature could be abused to be used as a SSRF attack vector by adding a malicious URL/TCP PORT in order to target internal network or an internet hosted server, bypassing firewall rules...

Moodle CMS 3.5.x <= 3.5.3 SSRF vulnerability.

Moodle CMS is prone to an SSRF attack. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either...

Server-Side Request Forgery (SSRF)

moodle/moodle is vulnerable to server-side request forgery SSRF. An attacker is able to submit requests on behalf of the server via the editblog.php script that allows adding of external RSS feed resources. A malicious URL/TCP PORT can be added as an RSS feed resource which would cause the server...