WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-2231)

Description

Cross-site request forgery (CSRF) vulnerability in report/overview/report.php in the quiz module in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to hijack the authentication of arbitrary users for requests that delete quiz attempts via the attemptid parameter.

Remediation

References

Related Vulnerabilities

WordPress Plugin Cart66 Lite::WordPress Ecommerce Multiple Vulnerabilities (1.5.3)

Moodle CVE-2023-28330 Vulnerability (CVE-2023-28330)

Oracle Application Server Other Vulnerability (CVE-2005-1496)

WordPress Plugin WP Custom Cursors Multiple Vulnerabilities (3.0)

XWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-35151)

Severity

Medium

Classification

CVE-2010-2231 CWE-352

Tags

Missing Update Known Vulnerabilities