CVE-2019-6970

Moodle 3.5.x before 3.5.4 allows SSRF.
Source: NIST