Security Advisory

CVE-2024-43432

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-11 12:16:04

Last updated 2024-11-12 15:14:27

Assigner fedora

State PUBLISHED

Description

A flaw was found in moodle. The cURL wrapper in Moodle strips HTTPAUTH and USERPWD headers during emulated redirects, but retains other original request headers, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.

← Browse all CVEs View on cve.org ↗