ГлавнаяУязвимости → CVE-2024-38275
7.5высокая

CVE-2024-38275

Описание

The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.

Затрагиваемое ПО
Moodle Moodle
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://moodle.org/mod/forum/discuss.php?d=459500https://moodle.org/mod/forum/discuss.php?d=459500