CVE-2021-32478

Publication date

2022-03-11 00:00:00

Family

redhat

State

PUBLISHED

Description

The redirect URI in the LTI authorization endpoint required extra sanitizing to prevent reflected XSS and open redirect risks. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8 and earlier unsupported versions are affected.