CVE-2024-34001 moodle: CSRF risk in admin preset tool management of presets

🗓️ 31 May 2024 20:06:48Reported by fedoraType

CSRF risk in admin preset tool - lacking necessary toke

Reporter	Title	Published	Views	Family All 31
CNNVD	Moodle Security Breach	31 May 202400:00	–	cnnvd
CVE	CVE-2024-34001	31 May 202420:06	–	cve
Github Security Blog	Moodle CSRF risk in admin preset tool management of presets	31 May 202421:30	–	github
NVD	CVE-2024-34001	31 May 202420:15	–	nvd
OpenVAS	Moodle < 4.1.10, 4.2.x < 4.2.7, 4.3.x < 4.3.4 Multiple Vulnerabilities	14 May 202400:00	–	openvas
OSV	BIT-MOODLE-2024-34001 moodle: CSRF risk in admin preset tool management of presets	31 May 202505:57	–	osv
OSV	GHSA-GQ9F-8RJ4-W7JC Moodle CSRF risk in admin preset tool management of presets	31 May 202421:30	–	osv
OSV	UBUNTU-CVE-2024-34001	31 May 202420:15	–	osv
Positive Technologies	PT-2023-30245 · Moodle +1 · Moodle +1	29 Oct 202300:00	–	ptsecurity
Positive Technologies	PT-2024-25627 · Moodle +2 · Moodle +2	31 May 202400:00	–	ptsecurity

[
  {
    "collectionURL": "https://git.moodle.org",
    "packageName": "Moodle",
    "versions": [
      {
        "status": "affected",
        "version": "4.0",
        "lessThanOrEqual": "4.3.3",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "4.2",
        "lessThanOrEqual": "4.2.6",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "4.1",
        "lessThanOrEqual": "4.1.9",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
moodle	www.moodle.org/mod/forum/discuss.php

31 May 2024 20:06Current

6.3Medium risk

Vulners AI Score6.3

EPSS0.00321

CWE-352