Lucene search

CVE-2019-10186

🗓️ 31 Jul 2019 22:12:15Reported by redhatType

A flaw in Moodle before versions 3.7.1, 3.6.5, 3.5.7 allows CSRF attacks via XML admin tool

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
OSV	CVE-2019-10186	31 Jul 201922:15	–	osv
OSV	Moodle CSRF Vulnerability	24 May 202216:52	–	osv
Github Security Blog	Moodle CSRF Vulnerability	24 May 202216:52	–	github
UbuntuCve	CVE-2019-10186	31 Jul 201900:00	–	ubuntucve
NVD	CVE-2019-10186	31 Jul 201922:15	–	nvd
Prion	Cross site request forgery (csrf)	31 Jul 201922:15	–	prion
Cvelist	CVE-2019-10186	31 Jul 201921:40	–	cvelist
Veracode	Cross-site Scripting (XSS)	1 Aug 201911:33	–	veracode
OpenVAS	Moodle < 3.5.7, 3.6.x < 3.6.5, 3.7.x < 3.7.1 Multiple Vulnerabilities	6 Aug 201900:00	–	openvas

Nvd

Vulners

Node

moodle moodleRange<3.5.7

moodle moodleRange3.6.0–3.6.5

moodle moodleRange3.7.0–3.7.1

[
  {
    "product": "moodle",
    "vendor": "The Moodle Project",
    "versions": [
      {
        "status": "affected",
        "version": "3.7.1"
      },
      {
        "status": "affected",
        "version": "3.6.5"
      },
      {
        "status": "affected",
        "version": "3.5.7"
      }
    ]
  }
]

Source	Link
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
moodle	www.moodle.org/mod/forum/discuss.php
securityfocus	www.securityfocus.com/bid/109175

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

31 Jul 2019 22:15Current

8.6High risk

Vulners AI Score8.6

CVSS26.8

CVSS36.5 - 8.8

EPSS0.00309

CWE-352