← volver
CVE-2019-14831

CVE-2019-14831

EPSS 0.8%CWE-601
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 0.8%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
19 mar 2021Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A vulnerability was found in Moodle 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where forum subscribe link contained an open redirect if forced subscription mode was enabled. If a forum's subscription mode was set to "forced subscription", the forum's subscribe link contained an open redirect.
Productos afectados
n/a · Moodle

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=32e2e06a8737afb07ee83abb3eacd39f8b181216https://moodle.org/mod/forum/discuss.php?d=391037