MSA-19-0023: Forum subscribe link contained an open redirect if forced subscription mode was enabled
|
System information
|
| |
|
|
Affected software |
PHP |
Description
|
by Michael Hawkins. If a forums subscription mode was set to "forced subscription", the forums subscribe link contained an open redirect.Severity/Risk:MinorVersions affected:3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versionsVersions fixed:3.7.2, 3.6.6 and 3.5.8Reported by:John CouzinsWorkaround:Set a different subscription mode (eg optional or auto) on forums until the patch is applied.CVE identifier:CVE-2019-14831Changes
More info:
https://moodle.org/mod/forum/discuss.php?d=391037&parent=1576215 |
Standar resources
|
|
Property |
Value |
|
CVE |
CVE-2019-14831. |
