WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle CVE-2023-23923 Vulnerability (CVE-2023-23923)

Description

The vulnerability was found Moodle which exists due to insufficient limitations on the "start page" preference. A remote attacker can set that preference for another user. The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

Remediation

References

Related Vulnerabilities

WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Information Disclosure (1.8.11)

MediaWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-0364)

Moodle Improper Authentication Vulnerability (CVE-2018-1082)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26279)

WordPress Plugin Page Flip Image Gallery 'book_id' Parameter Remote File Disclosure (0.2.2)

Severity

High

Classification

CVE-2023-23923 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Tags

Missing Update Known Vulnerabilities