moodle is vulnerable to open redirects. The vulnerability exists as the value of returnto
does not check that the URL leads to a non local URL, and thus can be used for open redirects.
CPE | Name | Operator | Version |
---|---|---|---|
moodle/moodle | eq | 3.6.0-beta.3.6.6 | |
moodle/moodle | le | 3.7.2 | |
moodle/moodle | le | 3.5.8 |