Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 2.0.x before 2.0.2 allow remote attackers to hijack the authentication of arbitrary users for requests that mark the completion of (1) an activity or (2) a course.

Remediation

References

CVE-2011-4281

Related Vulnerabilities

Roundcube Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-4076)

XWikiplatform Incorrect Authorization Vulnerability (CVE-2024-55662)

WordPress Plugin Contact Form by WD-responsive drag & drop contact form builder tool Unspecified Vulnerability (1.12.22)

WordPress Plugin Showbiz Pro Responsive Teaser Arbitrary File Upload (1.7.1)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4522)

Severity

Medium

Classification

CVE-2011-4281 CWE-352

Tags

Missing Update Known Vulnerabilities