Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2021-32478

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The redirect URI in the LTI authorization endpoint required extra sanitizing to prevent reflected XSS and open redirect risks. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8 and earlier unsupported versions are affected.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

Products

  • moodle

Additional Info

Technical Analysis