Multiple cross-site request forgery (CSRF) vulnerabilities in (1) editcategories.html and (2) editcategories.php in the Glossary module in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allow remote attackers to hijack the authentication of unspecified victims.
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48106
openwall.com/lists/oss-security/2015/01/19/1
github.com/moodle/moodle
github.com/moodle/moodle/commit/5770e5147838aa06a3ecdff6fc3aebbbd17fff90
github.com/moodle/moodle/commit/c4250ef4f23776ff4862d2860b6be2cf7b2d85f6
github.com/moodle/moodle/commit/e83c756f84e16ab70e160e08deb84e9bc4bfbfea
moodle.org/mod/forum/discuss.php?d=278613
nvd.nist.gov/vuln/detail/CVE-2015-0213