Lucene search

PRIOn knowledge basePRION:CVE-2009-0499

HistoryFeb 10, 2009 - 2:30 a.m.

Cross site request forgery (csrf)

2009-02-1002:30:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.002 Low

EPSS

Percentile

57.5%

JSON

Cross-site request forgery (CSRF) vulnerability in the forum code in Moodle 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4 allows remote attackers to delete unauthorized forum posts via a link or IMG tag to post.php.

CPENameOperatorVersion
moodleeq1.9.1
moodleeq1.8.2
moodleeq1.7.6
moodleeq1.9.2
moodleeq1.8.6
moodleeq1.7.1
moodleeq1.8.5
moodleeq1.8.3
moodleeq1.8.7
moodleeq1.9.3

Name	Operator	Version
moodle	eq	1.9.1
moodle	eq	1.8.2
moodle	eq	1.7.6
moodle	eq	1.9.2
moodle	eq	1.8.6
moodle	eq	1.7.1
moodle	eq	1.8.5
moodle	eq	1.8.3
moodle	eq	1.8.7
moodle	eq	1.9.3

Rows per page:

1-10 of 161

References

cvs.moodle.org/moodle/mod/forum/post.php?r1=1.154.2.14&r2=1.154.2.15

lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html

moodle.org/security/

secunia.com/advisories/34418

www.openwall.com/lists/oss-security/2009/02/04/1

7.3 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.002 Low

EPSS

Percentile

57.5%

JSON

Related for PRION:CVE-2009-0499