CVE-2019-14882 : Vulnerability Insights and Analysis
Learn about CVE-2019-14882, a low severity vulnerability in Moodle versions 3.5 to 3.7.3 allowing open redirects on the Lesson edit page. Find mitigation steps here.
A vulnerability in Moodle versions 3.5 to 3.7.3 allows for an open redirect on the Lesson edit page.
Understanding CVE-2019-14882
This CVE involves an open redirect vulnerability in Moodle versions 3.5 to 3.7.3.
What is CVE-2019-14882?
The vulnerability in Moodle versions 3.5 to 3.7.3 allows attackers to redirect users to malicious websites from the Lesson edit page.
The Impact of CVE-2019-14882
The impact of this vulnerability is rated as low severity with a CVSS base score of 3.1.
Technical Details of CVE-2019-14882
This section provides technical details of the CVE-2019-14882 vulnerability.
Vulnerability Description
The vulnerability involves an open redirect on the Lesson edit page in Moodle versions 3.5 to 3.7.3.
Affected Systems and Versions
- Affected Product: Moodle
- Affected Versions: 3.7.3, 3.6.7, 3.5.9
Exploitation Mechanism
- Attack Complexity: High
- Attack Vector: Network
- User Interaction: Required
- Privileges Required: None
- Integrity Impact: Low
- Scope: Unchanged
Mitigation and Prevention
Protect your systems from CVE-2019-14882 with the following steps:
Immediate Steps to Take
- Update Moodle to a patched version.
- Educate users about phishing attacks.
Long-Term Security Practices
- Regularly monitor and audit redirects on Moodle.
- Implement URL validation mechanisms.
Patching and Updates
- Apply the latest security patches provided by Moodle.