Description
A vulnerability was found in moodle before versions 3.6.3 and 3.5.5. There was a link to site home within the the Boost theme's secure layout, meaning students could navigate out of the page.
Remediation
References
Related Vulnerabilities
WordPress Plugin Comment Rating Cross-Site Request Forgery (2.9.20)
Drupal Improper Authentication Vulnerability (CVE-2006-1228)
WordPress Plugin WP Data Access SQL Injection (4.3.1)
WordPress Plugin Stylish Price List Security Bypass (6.9.0)
MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-2922)