MSA-22-0018: Open redirect risk in mobile auto-login feature

MSA-22-0018: Open redirect risk in mobile auto-login feature

by Michael Hawkins. The mobile auto-login URL required additional sanitizing to prevent an open redirect risk.Severity/Risk:MinorVersions affected:4.0 to 4.0.1, 3.11 to 3.11.7, 3.9 to 3.9.14 and earlier unsupported versionsVersions fixed:4.0.2, 3.11.8 and 3.9.15Reported by:petermasterCVE identifier:CVE-2022-35652Changes (master):http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72171Tracker issue:MDL-72171 Open redirect risk in mobile auto-login feature

More info:

https://moodle.org/mod/forum/discuss.php?d=436459&parent=1756387Leer másÚltimas Vulnerabilidades

by Michael Hawkins. The mobile auto-login URL required additional sanitizing to prevent an open redirect risk.Severity/Risk:MinorVersions affected:4.0 to 4.0.1, 3.11 to 3.11.7, 3.9 to 3.9.14 and earlier unsupported versionsVersions fixed:4.0.2, 3.11.8 and 3.9.15Reported by:petermasterCVE identifier:CVE-2022-35652Changes (master):http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72171Tracker issue:MDL-72171 Open redirect risk in mobile auto-login feature More info: https://moodle.org/mod/forum/discuss.php?d=436459&parent=1756387
CISO2CISO_NO_IMAGE_V2

by Michael Hawkins. The mobile auto-login URL required additional sanitizing to prevent an open redirect risk.Severity/Risk:MinorVersions affected:4.0 to 4.0.1, 3.11 to 3.11.7, 3.9 to 3.9.14 and earlier unsupported versionsVersions fixed:4.0.2, 3.11.8 and 3.9.15Reported by:petermasterCVE identifier:CVE-2022-35652Changes (master):http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72171Tracker issue:MDL-72171 Open redirect risk in mobile auto-login feature

More info:

https://moodle.org/mod/forum/discuss.php?d=436459&parent=1756387Leer másÚltimas Vulnerabilidades

Facebook
Twitter
LinkedIn
Pinterest
admin

admin

All Posts »

Leave a Reply

Your email address will not be published. Required fields are marked *

Top Recommended Posts

DroneSec
DroneSec
2022 Microsoft Vulnerabilities Report by BeyondTrust (you must read).
2022 Microsoft Vulnerabilities Report by BeyondTrust (you must read).
11 STRATEGIES OF A WORLD-CLASS CYBERSECURITY OPERATIONS CENTERS HIGHLIGHTS BY MITRE
11 STRATEGIES OF A WORLD-CLASS CYBERSECURITY OPERATIONS CENTERS HIGHLIGHTS BY MITRE
Threat Intel Roundup: XWiki, cl0p, HTML Sumggling
Threat Intel Roundup: XWiki, cl0p, HTML Sumggling
Secure Software Development Lifecycle Fundamentals by Codrut Andrei
Secure Software Development Lifecycle Fundamentals by Codrut Andrei
DNS Security Guide
DNS Security Guide
7 Steps to your Cybersecurity Career – How to begin your career in Cibersecurity By Chris Romano, CISSP
7 Steps to your Cybersecurity Career – How to begin your career in Cibersecurity By...
CISO Security Officer Handbook
CISO Security Officer Handbook
Managing Human Risk – SANS 2022 Security Awareness Report
Managing Human Risk – SANS 2022 Security Awareness Report
Making a Business Case for Security – An Interagency Security Committee Best Practice by CISA 2023 Edition
Making a Business Case for Security – An Interagency Security Committee Best Practice by CISA...