Description

Multiple cross-site request forgery (CSRF) vulnerabilities in (1) editcategories.html and (2) editcategories.php in the Glossary module in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allow remote attackers to hijack the authentication of unspecified victims.

Remediation

References

CVE-2015-0213

Related Vulnerabilities

MediaWiki Improper Input Validation Vulnerability (CVE-2010-1189)

WordPress Plugin Jock on air now Multiple Vulnerabilities (5.6.1)

WordPress Plugin Arigato Autoresponder and Newsletter Multiple Vulnerabilities (2.5.1.6)

ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-9049)

WordPress Plugin Salon Booking System Arbitrary File Upload (10.2)

Severity

Medium

Classification

CVE-2015-0213 CWE-352

Tags

Missing Update Known Vulnerabilities