Description

A vulnerability was found in moodle before versions 3.6.3 and 3.5.5. There was a link to site home within the the Boost theme's secure layout, meaning students could navigate out of the page.

Remediation

References

CVE-2019-3851

Related Vulnerabilities

Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-27912)

WordPress Plugin Payment Form for PayPal Pro Multiple Cross-Site Scripting Vulnerabilities (1.0.1)

WordPress Plugin rtMedia for WordPress, BuddyPress and bbPress SQL Injection (3.7.39)

WordPress Plugin WP Server Log Viewer Cross-Site Scripting (1.0)

MediaWiki CVE-2021-45471 Vulnerability (CVE-2021-45471)

Severity

Medium

Classification

CVE-2019-3851 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities