CRITICAL🇵🇱 Wersja polska

CVE-2024-33999

CVSS 9.8v3.1pub. 2024-05-31upd. 2025-05-30

The referrer URL used by MFA required additional sanitizing, rather than being used directly.

🤖 AI Analysis
How it works

During the MFA process, the application retrieved the referrer URL and used it directly in application logic, bypassing required sanitization steps. Lack of proper input validation (CWE-20) means that an attacker can provide a crafted referrer URL, which will be processed by the system in an unintended manner. Network vector (AV:N) without required privileges (PR:N) and user interaction (UI:N) indicates that the attack can be conducted remotely by an unauthenticated attacker.

Impact

Successful exploitation of the vulnerability may lead to violation of confidentiality, integrity, and availability of the system to a high degree — which corresponds to complete takeover of control over application resources or its users.

Mitigation & patch

Patches available from the vendor should be applied in accordance with the references (https://moodle.org/mod/forum/discuss.php?d=458387). It is recommended to update to the patched version as soon as possible and monitor logs for suspicious Referer header values.

Who is affected

Moodle platform — versions indicated in vendor references

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Moodle

    APP
    Moodle
    4.3.0 – 4.3.4 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-28333CRITICAL9.8ten sam produkt

The Mustache pix helper contained a potential Mustache injection risk if combined with user input (note: This ...

CVE-2021-36392CRITICAL9.8ten sam produkt

In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses.

CVE-2021-36394CRITICAL9.8ten sam produkt

In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin.

CVE-2021-36393CRITICAL9.8ten sam produkt

In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses.

CVE-2022-45152CRITICAL9.1ten sam produkt

A blind Server-Side Request Forgery (SSRF) vulnerability was found in Moodle. This flaw exists due to insuffic...