First published: Tue Nov 15 2022(Updated: )
A vulnerability was found in Moodle which exists due to insufficient validation of the HTTP request origin in course redirect URL. A user's CSRF token was unnecessarily included in the URL when being redirected to a course they have just restored. A remote attacker can trick the victim to visit a specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable website. This flaw allows an attacker to perform cross-site request forgery attacks.
Credit: bressers@elastic.co patrick@puiterwijk.org
Affected Software | Affected Version | How to fix |
---|---|---|
Moodle Moodle | >=3.9.0<3.9.18 | |
Moodle Moodle | >=3.11.0<3.11.11 | |
Moodle Moodle | >=4.0.0<4.0.5 | |
Fedoraproject Fedora | =35 | |
Fedoraproject Fedora | =36 | |
Fedoraproject Fedora | =37 | |
redhat/moodle | <4.0.5 | 4.0.5 |
redhat/moodle | <3.11.11 | 3.11.11 |
redhat/moodle | <3.9.18 | 3.9.18 |
>=3.9.0<3.9.18 | ||
>=3.11.0<3.11.11 | ||
>=4.0.0<4.0.5 | ||
=35 | ||
=36 | ||
=37 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Moodle vulnerability is CVE-2022-45149.
The severity of CVE-2022-45149 is medium with a CVSS score of 5.4.
The vulnerability in Moodle occurs due to insufficient validation of the HTTP request origin in course redirect URL.
Versions 3.9.0 to 3.9.18, 3.11.0 to 3.11.11, and 4.0.0 to 4.0.5 of Moodle are affected by CVE-2022-45149.
To fix the vulnerability in Moodle, update to version 3.9.18, 3.11.11, or 4.0.5, which contain the necessary patches.