Lucene search
Veracode Vulnerability DatabaseVERACODE:7073HistoryJul 17, 2018 - 6:43 a.m.
Server-Side Request Forgery (SSRF)
2018-07-1706:43:56
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14
0.007 Low
EPSS
Percentile
80.2%
moodle is vulnerable to server-side request forgery (SSRF) attacks. A malicious user can pass an arbitrary URL to the filepicker AJAX to retrieve and view any URL through it.
| CPE | Name | Operator | Version |
|---|---|---|---|
| moodle/moodle | le | 3.1.9 | |
| moodle/moodle | le | 3.3.3 | |
| moodle/moodle | le | 3.2.6 | |
| moodle/moodle | le | 3.4.0 |
Related
packetstorm
packetstorm
Moodle Filepicker 3.5.2 Server-Side Request Forgery
2019-07-26 00:00:00
osv
osv
CVE-2018-1042
2018-01-22 08:29:00
Moodle SSRF Vulnerability
2022-05-14 00:55:53
nvd
nvd
CVE-2018-1042
2018-01-22 08:29:00
openvas
openvas
Moodle 3.x SSRF Vulnerability (Jan 2018) - Linux
2018-05-09 00:00:00
Moodle 3.x SSRF Vulnerability (Jan 2018) - Windows
2018-05-09 00:00:00
Fedora Update for moodle FEDORA-2018-c587c0a62d
2018-02-01 00:00:00
zdt
zdt
Moodle Filepicker 3.5.2 - Server Side Request Forgery Vulnerability
2019-07-26 00:00:00
prion
prion
Server side request forgery (ssrf)
2018-01-22 08:29:00
cve
cve
CVE-2018-1042
2018-01-22 08:29:00
exploitpack
exploitpack
Moodle Filepicker 3.5.2 - Server Side Request Forgery
2019-07-26 00:00:00
ubuntucve
ubuntucve
CVE-2018-1042
2018-01-22 00:00:00
cvelist
cvelist
CVE-2018-1042
2018-01-22 08:00:00
github
github
Moodle SSRF Vulnerability
2022-05-14 00:55:53
exploitdb
exploitdb
Moodle Filepicker 3.5.2 - Server Side Request Forgery
2019-07-26 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: moodle-3.2.7-1.fc26
2018-01-31 18:06:24
[SECURITY] Fedora 27 Update: moodle-3.3.4-1.fc27
2018-01-31 21:59:13
nessus
nessus
Fedora 26 : moodle (2018-7e086e3309)
2018-02-01 00:00:00
Fedora 27 : moodle (2018-c587c0a62d)
2018-02-01 00:00:00