Lucene search
GoogleOSV:GHSA-GQ9F-8RJ4-W7JCHistoryMay 31, 2024 - 9:30 p.m.
Moodle CSRF risk in admin preset tool management of presets
2024-05-3121:30:54
Google
osv.dev
4
moodle
csrf risk
admin tool
management
presets
software
CVSS3
8.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
AI Score
6.4
Confidence
High
EPSS
0
Percentile
9.0%
Actions in the admin preset tool did not include the necessary token to prevent a CSRF risk.
Related
github
github
Moodle CSRF risk in admin preset tool management of presets
2024-05-31 21:30:54
vulnrichment
vulnrichment
CVE-2024-34001 moodle: CSRF risk in admin preset tool management of presets
2024-05-31 20:06:48
cvelist
cvelist
CVE-2024-34001 moodle: CSRF risk in admin preset tool management of presets
2024-05-31 20:06:48
cve
cve
CVE-2024-34001
2024-05-31 20:15:10
veracode
veracode
Cross-site Request Forgery (CSRF)
2024-06-07 06:44:43
osv
osv
CVE-2024-34001
2024-05-31 20:15:00
ubuntucve
ubuntucve
CVE-2024-34001
2024-05-31 00:00:00
nvd
nvd
CVE-2024-34001
2024-05-31 20:15:10
openvas
openvas
Moodle < 4.1.10, 4.2.x < 4.2.7, 4.3.x < 4.3.4 Multiple Vulnerabilities
2024-05-14 00:00:00
redos
redos
ROS-20240701-03
2024-07-01 00:00:00
CVSS3
8.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
AI Score
6.4
Confidence
High
EPSS
0
Percentile
9.0%
Related for OSV:GHSA-GQ9F-8RJ4-W7JC