Lucene search

GitHub Advisory DatabaseGHSA-P2CJ-86V4-7782

HistoryJun 18, 2024 - 9:30 p.m.

Moodle HTTP authorization header is preserved between "emulated redirects"

2024-06-1821:30:36

CWE-226

GitHub Advisory Database

github.com

moodle

http authorization

curl wrapper

redirects

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

6.5

Confidence

High

EPSS

Percentile

9.0%

JSON

The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.

Affected configurations

Vulners

Node

moodlemoodleRange<4.1.11

moodlemoodleRange4.2.0-beta–4.2.8

moodlemoodleRange4.3.0-beta–4.3.5

moodlemoodleRange4.4.0-beta–4.4.1

VendorProductVersionCPE
moodlemoodle*cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
moodle	moodle	*	cpe:2.3:a:moodle:moodle::::::::

References

github.com/advisories/GHSA-p2cj-86v4-7782

github.com/moodle/moodle/commit/0df3c5837a592e6663c4d531ff6a1f776bc2f785

github.com/moodle/moodle/commit/3e38c84315a7991ce5ef5f241f5e873b5ca24f01

github.com/moodle/moodle/commit/836b2c23a210317d130017d77bb64e3b510869a9

github.com/moodle/moodle/commit/f7988538b2208c55f2c40ce4f0815901dc88049b

moodle.org/mod/forum/discuss.php?d=459500

nvd.nist.gov/vuln/detail/CVE-2024-38275

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

6.5

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for GHSA-P2CJ-86V4-7782