CVE-2021-32478
MEDIUM EXPLOITED NUCLEIMoodle < 3.8.9, 3.9-3.9.6, 3.10-3.10.3 - Open Redirect via LTI Authorization Endpoint
Title source: llmExploitation Summary
CVE-2021-32478 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.
Description
The redirect URI in the LTI authorization endpoint required extra sanitizing to prevent reflected XSS and open redirect risks. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8 and earlier unsupported versions are affected.
Nuclei Templates (1)
Moodle 3.8-3.10.3 - Reflected XSS & Open Redirect
MEDIUMVERIFIEDby hackergautam
References (1)
Core 1
Core References
Patch, Vendor Advisory
https://moodle.org/mod/forum/discuss.php?d=422314
Scores
CVSS v3
6.1
EPSS
0.0116
EPSS Percentile
62.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
VulnCheck KEV
2025-11-05
CWE
CWE-601
CWE-79
Status
published
Products (2)
moodle/moodle
< 3.8.9
moodle/moodle
3.10 - 3.10.4Packagist
Published
Mar 11, 2022
Tracked Since
Feb 18, 2026