Description
Multiple cross-site request forgery (CSRF) vulnerabilities in user/profile/index.php in Moodle through 2.2.11, 2.3.x before 2.3.11, 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 allow remote attackers to hijack the authentication of administrators for requests that delete (1) categories or (2) fields.
Remediation
References
Related Vulnerabilities
Microsoft SQL Server Other Vulnerability (CVE-2001-0879)
WordPress Plugin Responsive Poll Security Bypass (1.3.4)
PHP Improper Input Validation Vulnerability (CVE-2015-3411)
WordPress Plugin Booster for WooCommerce Multiple Cross-Site Scripting Vulnerabilities (5.4.8)
Oracle Database Server CVE-2006-0258 Vulnerability (CVE-2006-0258)