wooclap / moodle-mod_wooclap

Moodle plugin for Wooclap (https://www.wooclap.com/).

What is the role of auth_wooflash.php #3

Closed mudrd8mz closed 2 years ago

mudrd8mz commented 3 years ago

I've been experimenting a bit and I have some concern related to the functionality of the auth_wooflash.php script.

What is the purpose of it and how is it supposed to be called? From what I can see, it can be eventually abused for providing a malicious "login" link to a user who would then authenticate to their moodle and then be redirected to a defined URL.

tchapeaux commented 3 years ago

Indeed, we might have an Open Redirect vulnerability in this case. Thanks for notifying us.

We should validate the redirect URL against the baseurl plugin settings.

Note that the issue affects both this repo (https://github.com/wooclap/moodle-mod_wooclap/) and our other plugin repo (https://github.com/wooclap/moodle-mod_wooflash).

dfdeagle47 commented 2 years ago

Fixed in the new release: here and here. We now validate the callback URL using the baseURL provided in the plugin settings.
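The mitigation agreed on in this thread (validate the callback/redirect URL against the plugin's `baseurl` setting before redirecting) is illustrated below. This is an added example written for this page, not code from the wooclap plugins or the linked fix commits; the function name `is_allowed_callback`, the contrast function `naive_prefix_check`, and the sample base URL and callback URLs are all constructed for illustration. The point it makes is that a prefix or substring comparison of the two URL strings is not a sufficient check; the scheme, host and port parsed from the candidate URL have to match the configured base exactly.

```php
<?php
// Added example: validating a redirect/callback URL against a configured base URL.
// Not the plugin's own code; names and sample values below are constructed.

/**
 * A weak check for contrast: treats any URL that starts with the configured
 * base URL string as trusted. It accepts hosts that merely begin with the
 * trusted host name, so it does not close the open redirect.
 */
function naive_prefix_check(string $candidate, string $baseurl): bool {
    return strpos($candidate, $baseurl) === 0;
}

/**
 * Hardened check: parse both URLs and require scheme, host and port to match.
 * $baseurl plays the role of the plugin's "baseurl" setting (value is hypothetical).
 */
function is_allowed_callback(string $candidate, string $baseurl): bool {
    $base = parse_url($baseurl);
    $url  = parse_url($candidate);
    if ($base === false || $url === false) {
        return false;                      // malformed input, never redirect
    }
    // Scheme-less or host-less inputs (e.g. "//other.test/x") must not be
    // mistaken for local paths; require an absolute URL with a host.
    if (empty($url['scheme']) || empty($url['host']) ||
        empty($base['scheme']) || empty($base['host'])) {
        return false;
    }
    // URLs carrying "user:pass@" can be made to look like the trusted host
    // while actually pointing elsewhere; refuse them outright.
    if (isset($url['user']) || isset($url['pass'])) {
        return false;
    }
    $scheme = strtolower($url['scheme']);
    if ($scheme !== strtolower($base['scheme'])) {
        return false;                      // no http/https downgrade or other scheme
    }
    // Exact, case-insensitive host comparison: not a prefix, not a substring.
    if (strtolower($url['host']) !== strtolower($base['host'])) {
        return false;
    }
    // Ports must agree; fill in the scheme's default when one side omits it.
    $default = ($scheme === 'https') ? 443 : 80;
    if (($url['port'] ?? $default) !== ($base['port'] ?? $default)) {
        return false;
    }
    return true;
}

// Constructed sample inputs; $baseurl stands in for the plugin setting.
$baseurl = 'https://app.wooclap.example';
$samples = [
    'https://app.wooclap.example/moodle/callback?token=abc' => true,
    'https://app.wooclap.example:8443/callback'             => false, // port differs
    'http://app.wooclap.example/callback'                   => false, // scheme differs
    'https://app.wooclap.example.other.test/callback'       => false, // host differs
    'https://app.wooclap.example@other.test/callback'       => false, // userinfo trick
    '//other.test/callback'                                 => false, // no scheme/host
];

foreach ($samples as $url => $expected) {
    $hardened = is_allowed_callback($url, $baseurl);
    $naive    = naive_prefix_check($url, $baseurl);
    printf("%-58s hardened=%-5s naive=%-5s %s\n",
        $url,
        $hardened ? 'true' : 'false',
        $naive ? 'true' : 'false',
        $hardened === $expected ? 'ok' : 'MISMATCH');
}
```

Running this prints one line per sample: the hardened check returns `true` only for the first URL, while the naive prefix check also returns `true` for the third-party host whose name merely begins with the trusted one. In a plugin, the check would run on the callback parameter before any redirect is issued, and a rejected URL should be logged and replaced with a fixed safe destination (the site front page, for instance) rather than passed through.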