moodle/moodle is vulnerable to server-side request forgery (SSRF). An attacker is able to submit requests on behalf of the server via the edit_blog.php
script that allows adding of external RSS feed resources. A malicious URL/TCP PORT can be added as an RSS feed resource which would cause the server to submit such requests and bypass firewall rules and IP filtering.