Moodle Incomplete Cleanup Vulnerability - CVE-2024-38275 - Vulnerability Database

Moodle Incomplete Cleanup Vulnerability - CVE-2024-38275

High

Reference: CVE-2024-38275

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2024-38275

Title: Moodle Incomplete Cleanup Vulnerability

Overview:

The cURL wrapper in Moodle retained the original request headers when following redirects so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.