QwikSec

Security Database

CVE

CWE

Training

CVE-2019-14831

Published: Mar 19, 2021

Modified: Aug 5, 2024

PUBLISHED

Description

A vulnerability was found in Moodle 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where forum subscribe link contained an open redirect if forced subscription mode was enabled. If a forum's subscription mode was set to "forced subscription", the forum's subscribe link contained an open redirect.

Vendor	Product	Versions
n/a	Moodle	affected `3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions`

Weaknesses (CWE)

References

https://moodle.org/mod/forum/discuss.php?d=391037

x_refsource_MISC

https://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=32e2e06a8737afb07ee83abb3eacd39f8b181216

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.