Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:13492
HistoryMar 22, 2019 - 3:23 a.m.

Server-Side Request Forgery (SSRF)

2019-03-2203:23:24
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9

EPSS

0.001

Percentile

42.8%

JSON

moodle/moodle is vulnerable to server-side request forgery (SSRF). An attacker is able to submit requests on behalf of the server via the edit_blog.php script that allows adding of external RSS feed resources. A malicious URL/TCP PORT can be added as an RSS feed resource which would cause the server to submit such requests and bypass firewall rules and IP filtering.

Related

prion 1
cvelist 1
cve 1
osv 2
ubuntucve 1
nvd 1
openvas 1
github 1
prion
prion
Server side request forgery (ssrf)
2019-03-21 16:01:00
cvelist
cvelist
CVE-2019-6970
2019-03-18 20:28:37
cve
cve
CVE-2019-6970
2019-03-21 16:01:10
osv
osv
CVE-2019-6970
2019-03-21 16:01:10
Moodle SSRF Vulnerability
2022-05-14 01:17:52
ubuntucve
ubuntucve
CVE-2019-6970
2019-03-21 00:00:00
nvd
nvd
CVE-2019-6970
2019-03-21 16:01:10
openvas
openvas
Moodle CMS 3.5.x <= 3.5.3 SSRF vulnerability.
2019-04-02 00:00:00
github
github
Moodle SSRF Vulnerability
2022-05-14 01:17:52

EPSS

0.001

Percentile

42.8%

JSON
Related for VERACODE:13492
prion1cvelist1cve1osv2ubuntucve1nvd1openvas1github1