Description
Cross-site request forgery (CSRF) vulnerability in enrol/imsenterprise/importnow.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to hijack the authentication of administrators for requests that import an IMS Enterprise file.
Remediation
References
Related Vulnerabilities
TYPO3 CVE-2013-7080 Vulnerability (CVE-2013-7080)
WordPress Plugin Wbcom Designs-BuddyPress Group Reviews Security Bypass (2.8.3)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4401)
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-1578)
WordPress Plugin Pinterest 'Pin It' Button Cross-Site Scripting (2.0.8)