CVE-2017-7489: Moodle External blog editing takeover
6.3
Basic Information
Technical Details
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| moodle/moodle | composer | >= 3.2, < 3.2.3 | 3.2.3 |
| moodle/moodle | composer | >= 3.1, < 3.1.6 | 3.1.6 |
| moodle/moodle | composer | >= 3.0, < 3.0.10 | 3.0.10 |
| moodle/moodle | composer | >= 2.7, < 2.7.20 | 2.7.20 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stems from improper privilege management (CWE-269) in external blog editing. The exact patched code is not available here, but Moodle's security advisory references MDL-58635, which concerns ownership handling for external blogs. The core issue would lie in the function that processes edits to an external blog: it should validate that the requesting user owns the blog before allowing any modification. In the vulnerable versions this authorization check was missing when blog entries were updated, so a user could reassign ownership of another user's external blog through a manipulated edit request. Because 'blog/externallib.php' is the standard location for external blog functionality in Moodle, 'blog_edit_external_blog' is the most likely affected function based on the vulnerability pattern and component structure; this remains an inference rather than a confirmed code location. Upgrading to the first patched version listed above for the installed branch removes the issue.