Lucene search
GoogleOSV:GHSA-WV9C-PFPM-4WC5HistoryMay 24, 2022 - 4:52 p.m.
Moodle CSRF Vulnerability
2022-05-2416:52:01
Google
osv.dev
7
moodle
csrf
vulnerability
xml loading
admin tool
EPSS
0.004
Percentile
72.7%
A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. A sesskey (CSRF) token was not being utilised by the XML loading/unloading admin tool.
References
bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10186
github.com/moodle/moodle
github.com/moodle/moodle/commit/ea1ac3c7efbddbdb210ea4c75e7156c7d7ee914b
moodle.org/mod/forum/discuss.php?d=388567#p1566329
nvd.nist.gov/vuln/detail/CVE-2019-10186
web.archive.org/web/20210125055044/https://www.securityfocus.com/bid/109175
Related
osv
osv
CVE-2019-10186
2019-07-31 22:15:12
cve
cve
CVE-2019-10186
2019-07-31 22:15:12
prion
prion
Cross site request forgery (csrf)
2019-07-31 22:15:00
veracode
veracode
Cross-site Scripting (XSS)
2019-08-01 11:33:41
cvelist
cvelist
CVE-2019-10186
2019-07-31 21:40:55
ubuntucve
ubuntucve
CVE-2019-10186
2019-07-31 00:00:00
nvd
nvd
CVE-2019-10186
2019-07-31 22:15:12
github
github
Moodle CSRF Vulnerability
2022-05-24 16:52:01
openvas
openvas
Moodle < 3.5.7, 3.6.x < 3.6.5, 3.7.x < 3.7.1 Multiple Vulnerabilities
2019-08-06 00:00:00