CVE-2025-4513

A vulnerability classified as problematic was found in Catalyst User Key Authentication Plugin 20220819 on Moodle. Affected by this vulnerability is an unknown functionality of the file /auth/userkey/logout.php of the component Logout. The manipulation of the argument return leads to open redirect. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Configurations

No configuration.

History

12 May 2025, 15:16

Type Values Removed Values Added
Summary
  • (es) Se encontró una vulnerabilidad clasificada como problemática en Catalyst User Key Authentication Plugin 20220819 en Moodle. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /auth/userkey/logout.php del componente Logout. La manipulación del argumento return provoca una redirección abierta. El ataque puede ejecutarse en remoto. Se ha hecho público el exploit y puede que sea utilizado. Se contactó al proveedor con antelación sobre esta divulgación, pero no respondió.
References () https://github.com/Cyber-Wo0dy/report/blob/main/moodle/key_user_authentication/v2022081901/key_user_authentication_open_redirection - () https://github.com/Cyber-Wo0dy/report/blob/main/moodle/key_user_authentication/v2022081901/key_user_authentication_open_redirection -

10 May 2025, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-05-10 20:15

Updated : 2025-05-12 17:32


NVD link : CVE-2025-4513

Mitre link : CVE-2025-4513

CVE.ORG link : CVE-2025-4513


JSON object : View

Products Affected

No product.

CWE
CWE-601

URL Redirection to Untrusted Site ('Open Redirect')