A vulnerability was found in moodle before versions 3.6.3 and 3.5.5. There was a link to site home within the the Boost theme's secure layout, meaning students could navigate out of the page.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| moodle/moodle(Packagist) | 3.5 | 3.5.5 | N/A |
| moodle/moodle(Packagist) | 3.6 | 3.6.3 | N/A |
CVSS Metrics
