Lucene search
Veracode Vulnerability DatabaseVERACODE:36731HistoryAug 17, 2022 - 8:19 a.m.
Spoofing Attacks
2022-08-1708:19:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
28
moodle
spoofing attacks
ip spoofing
x-forwarded-for
vulnerability
EPSS
0.001
Percentile
31.3%
moodle/moodle is vulnerable to spoofing attacks. The vulnerability exists in the getremoteaddr function in moodlelib.php, allowing an attacker to spoof a user’s IP through the X-Forwarded-For headers, bypassing the remote address checks
References
github.com/advisories/GHSA-4265-mh49-263h
github.com/moodle/moodle/commit/4a3a673d1ee03f243947e8dfd8e747e713e63350
github.com/moodle/moodle/commit/52d5599ff26b4ceec69e8777c5d96d382e31badd
github.com/moodle/moodle/commit/67c44ebd2e8555a0d6e1a8affa7226c0b45aa171
github.com/moodle/moodle/commit/d4034165792b4f13d986a3d4525d42e5660271a8
moodle.org/mod/forum/discuss.php?d=398351
Related
osv
osv
BIT-moodle-2020-1755
2024-03-06 11:12:08
CVE-2020-1755
2022-08-16 21:15:09
prion
prion
Design/Logic Flaw
2022-08-16 21:15:00
cve
cve
CVE-2020-1755
2022-08-16 21:15:09
cvelist
cvelist
CVE-2020-1755
2022-08-16 19:29:48
nvd
nvd
CVE-2020-1755
2022-08-16 21:15:09
ubuntucve
ubuntucve
CVE-2020-1755
2022-08-16 00:00:00
openvas
openvas