WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle CVE-2018-1043 Vulnerability (CVE-2018-1043)

Description

In Moodle 3.x, the setting for blocked hosts list can be bypassed with multiple A record hostnames.

Remediation

References

Related Vulnerabilities

Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3743)

WordPress Plugin UserPro-Community and User Profile Privilege Escalation (4.9.27)

WordPress Plugin Custom Dashboard & Login Page-AGCA Cross-Site Request Forgery (6.5.4)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-23922)

WordPress Plugin Salon Booking System Cross-Site Scripting (6.3)

Severity

Medium

Classification

CVE-2018-1043 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities