CVE-2021-32478

Published: 2022-03-11T18:15Z

Last Modified: 2024-11-21T06:07Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The redirect URI in the LTI authorization endpoint required extra sanitizing to prevent reflected XSS and open redirect risks. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8 and earlier unsupported versions are affected. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt