Description
Cross-site request forgery (CSRF) vulnerability in Claroline before 1.8.10 allows remote attackers to change passwords, related to lack of a requirement for the previous password.
Remediation
References
Related Vulnerabilities
WordPress Plugin WooCommerce Export Orders and More Cross-Site Scripting (2.0.10)
WordPress Plugin Social Sharing-Kiwi Security Bypass (2.0.10)
WordPress Plugin Widgets on Pages Cross-Site Scripting (1.6.0)
MySQL CVE-2020-2923 Vulnerability (CVE-2020-2923)
WordPress Plugin Site Offline Or Coming Soon Or Maintenance Mode Security Bypass (1.5.2)