Description
Multiple cross-site request forgery (CSRF) vulnerabilities in (1) editcategories.html and (2) editcategories.php in the Glossary module in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allow remote attackers to hijack the authentication of unspecified victims.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2013-2461 Vulnerability (CVE-2013-2461)
WordPress Plugin Interactive SVG Image Map Builder Cross-Site Scripting (1.0)
ReviveAdserver URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-5433)
WordPress Plugin Ad Invalid Click Protector (AICP) Malicious Code (1.2.9)
WordPress Plugin WP Hotel Booking Remote Code Execution (1.10.2)