Description
Cross-site request forgery (CSRF) vulnerability in Claroline before 1.8.10 allows remote attackers to change passwords, related to lack of a requirement for the previous password.
Remediation
References
Related Vulnerabilities
WordPress Plugin Mingle Forum Cross-Site Scripting (1.0.28)
Chamilo Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2026-33707)
WordPress Plugin cformsII Arbitrary File Upload (14.7)
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-28129)
Joomla Improper Input Validation Vulnerability (CVE-2020-11890)