Description
Cross-site request forgery (CSRF) vulnerability in auth/shibboleth/logout.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger a logout.
Remediation
References
Related Vulnerabilities
Apache Traffic Server Improper Authentication Vulnerability (CVE-2021-44759)
MediaWiki Insufficiently Protected Credentials Vulnerability (CVE-2020-29005)
WordPress CVE-2011-4899 Vulnerability (CVE-2011-4899)
WordPress Plugin Quotes Collection Cross-Site Scripting (2.0.5)
Oracle Database Server CVE-2014-6483 Vulnerability (CVE-2014-6483)