CVE-2024-43432 – Moodle HTTP Authorization Header Information Exposure Vulnerability

CVE ID : CVE-2024-43432

Published : Nov. 11, 2024, 1:15 p.m. | 16 minutes ago

Description : A flaw was found in moodle. The cURL wrapper in Moodle strips HTTPAUTH and USERPWD headers during emulated redirects, but retains other original request headers, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-43432 – Moodle HTTP Authorization Header Information Exposure Vulnerability