Lucene search

K

GoogleOSV:CVE-2016-3734

HistoryApr 20, 2017 - 9:59 p.m.

CVE-2016-3734

2017-04-2021:59:00

Google

osv.dev

7

AI Score

7.2

Confidence

Low

EPSS

0.002

Percentile

61.9%

Cross-site request forgery (CSRF) vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that marks forum posts as read.

References

git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-53755

www.openwall.com/lists/oss-security/2016/05/17/4

www.securityfocus.com/bid/91281

www.securitytracker.com/id/1035902

bugzilla.redhat.com/show_bug.cgi?id=1335933

AI Score

7.2

Confidence

Low

EPSS

0.002

Percentile

61.9%

Related for OSV:CVE-2016-3734

ubuntucve1 veracode1 osv1 cve1 prion1 cvelist1 nvd1 github1 fedora1 nessus2 openvas3 freebsd1