admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2019/CVE-2019-148xx/CVE-2019-14831.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

125 lines
4.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2019-14831",
"sourceIdentifier": "secalert@redhat.com",
"published": "2021-03-19T21:15:12.120",
"lastModified": "2023-02-12T23:34:49.350",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Moodle 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where forum subscribe link contained an open redirect if forced subscription mode was enabled. If a forum's subscription mode was set to \"forced subscription\", the forum's subscribe link contained an open redirect."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en Moodle versiones 3.7 hasta 3.7.1, versiones 3.6 hasta 3.6.5, versiones 3.5 hasta 3.5.7 y versiones anteriores no compatibles, donde el enlace de suscripci\u00f3n al foro conten\u00eda un redireccionamiento abierto si el modo de suscripci\u00f3n forzada estaba habilitado. Si el modo de suscripci\u00f3n de un foro estaba configurado en \"forced subscription\", el enlace de suscripci\u00f3n del foro conten\u00eda un redireccionamiento abierto"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.5.0",
"versionEndIncluding": "3.5.7",
"matchCriteriaId": "4D443C9B-4E6C-4DFC-BC79-249FE71A44CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.6.0",
"versionEndIncluding": "3.6.5",
"matchCriteriaId": "850D661D-990A-4A27-864B-1F52DD5F94D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.7.0",
"versionEndIncluding": "3.7.1",
"matchCriteriaId": "E2879DC1-468C-4692-9D43-23DAFB088145"
}
]
}
]
}
],
"references": [
{
"url": "https://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=32e2e06a8737afb07ee83abb3eacd39f8b181216",
"source": "secalert@redhat.com"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=391037",
"source": "secalert@redhat.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink