Description

Multiple cross-site request forgery (CSRF) vulnerabilities in mod/assign/locallib.php in the Assignment subsystem in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allow remote attackers to hijack the authentication of teachers for quick-grading requests.

Remediation

References

CVE-2014-0213

Related Vulnerabilities

Oracle Database Server CVE-2015-4740 Vulnerability (CVE-2015-4740)

Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8152)

Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-5519)

ASP.NET MVC Improper Authentication Vulnerability (CVE-2018-8171)

WebLogic CVE-2016-5531 Vulnerability (CVE-2016-5531)

Severity

Medium

Classification

CVE-2014-0213 CWE-352

Tags

Missing Update Known Vulnerabilities