Description
Open redirect vulnerability in the Calendar set page in Moodle 2.1.x before 2.1.3 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a redirection URL.
Remediation
References
Related Vulnerabilities
Roundcube Cross-site Request Forgery (CSRF) Vulnerability (CVE-2016-4069)
MySQL CVE-2019-2455 Vulnerability (CVE-2019-2455)
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.0.2)
Oracle JRE CVE-2017-10285 Vulnerability (CVE-2017-10285)
WordPress Plugin Uncanny Toolkit for LearnDash Cross-Site Request Forgery (3.6.3)