Description
A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The form to upload cohorts contained a redirect field, which was not restricted to internal URLs.
Remediation
References
Related Vulnerabilities
Liferay Portal Improper Authentication Vulnerability (CVE-2021-29047)
WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk SQL Injection (5.148)
WordPress Plugin Htaccess by BestWebSoft Cross-Site Scripting (1.4)
PHP Integer Overflow or Wraparound Vulnerability (CVE-2015-2305)
WordPress Plugin 404 to 301-Redirect, Log and Notify 404 Errors Cloaking (2.2.9)