Lucene search
RedhatCVELIST:CVE-2021-32478HistoryMar 11, 2022 - 12:00 a.m.
CVE-2021-32478
2022-03-1100:00:00
CWE-79
redhat
www.cve.org
3
moodle lti authorization
reflected xss
open redirect
EPSS
0.001
Percentile
31.3%
The redirect URI in the LTI authorization endpoint required extra sanitizing to prevent reflected XSS and open redirect risks. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8 and earlier unsupported versions are affected.
CNA Affected
[
{
"vendor": "n/a",
"product": "moodle",
"versions": [
{
"version": "3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8",
"status": "affected"
}
]
}
]Related
openvas
openvas
osv
osv
CVE-2021-32478
2022-03-11 18:15:19
BIT-moodle-2021-32478
2024-03-06 11:09:51
Moodle reflected XSS
2022-03-12 00:00:32
ubuntucve
ubuntucve
CVE-2021-32478
2022-03-11 00:00:00
github
github
Moodle reflected XSS
2022-03-12 00:00:32
cve
cve
CVE-2021-32478
2022-03-11 18:15:19
veracode
veracode
Cross-site Scripting (XSS)
2022-03-15 12:59:03
prion
prion
Open redirect
2022-03-11 18:15:00
nvd
nvd
CVE-2021-32478
2022-03-11 18:15:19
redos
redos
nessus
nessus
Moodle 3.10.x < 3.10.4 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 3.9.x < 3.9.7 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 3.8.x < 3.8.9 Multiple Vulnerabilities
2023-02-20 00:00:00