Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 2.0.x before 2.0.2 allow remote attackers to hijack the authentication of arbitrary users for requests that mark the completion of (1) an activity or (2) a course.

Remediation

References

CVE-2011-4281

Related Vulnerabilities

WebLogic CVE-2020-2883 Vulnerability (CVE-2020-2883)

WordPress Plugin Download Zip Attachments Arbitrary File Download (1.0.0)

WordPress Ultimate Member Plugin Improper Privilege Management Vulnerability (CVE-2020-36155)

WordPress Plugin Social Media Flying Icons-Floating Social Media Icon Multiple Unspecified Vulnerabilities (4.2.3)

WebLogic Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-23305)

Severity

Medium

Classification

CVE-2011-4281 CWE-352

Tags

Missing Update Known Vulnerabilities