Description
A flaw was found in Moodle. An open redirect vulnerability in the OAuth login flow allows a remote attacker to redirect users to attacker-controlled pages after they have successfully authenticated. This occurs due to insufficient validation of redirect parameters, which could lead to phishing attacks or information disclosure.
Remediation
References
Related Vulnerabilities
PHP Deserialization of Untrusted Data Vulnerability (CVE-2018-19396)
SharePoint Improper Input Validation Vulnerability (CVE-2026-32201)
WordPress Plugin WP Print Friendly Security Bypass (0.5.2)
Oracle JRE CVE-2020-2830 Vulnerability (CVE-2020-2830)
WebLogic Missing Authentication for Critical Function Vulnerability (CVE-2026-35292)