Lucene search
PRIOn knowledge basePRION:CVE-2014-0010HistoryJan 20, 2014 - 3:14 p.m.
Cross site request forgery (csrf)
2014-01-2015:14:00
PRIOn knowledge base
www.prio-n.com
3
Multiple cross-site request forgery (CSRF) vulnerabilities in user/profile/index.php in Moodle through 2.2.11, 2.3.x before 2.3.11, 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 allow remote attackers to hijack the authentication of administrators for requests that delete (1) categories or (2) fields.
References
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-42883
openwall.com/lists/oss-security/2014/01/20/1
osvdb.org/102261
www.securitytracker.com/id/1029649
lists.fedoraproject.org/pipermail/package-announce/2014-January/127510.html
lists.fedoraproject.org/pipermail/package-announce/2014-January/127533.html
moodle.org/mod/forum/discuss.php?d=252416
Related
nvd
nvd
CVE-2014-0010
2014-01-20 15:14:32
cve
cve
CVE-2014-0010
2014-01-20 15:14:32
ubuntucve
ubuntucve
CVE-2014-0010
2014-01-20 00:00:00
cvelist
cvelist
CVE-2014-0010
2014-01-20 11:00:00
veracode
veracode
Cross-site Request Forgery (CSRF)
2017-07-12 14:46:42
nessus
nessus
Moodle 2.3.x < 2.3.11 Multiple Vulnerabilities
2016-07-21 00:00:00
Fedora 20 : moodle-2.5.4-1.fc20 (2014-1396)
2014-01-31 00:00:00
Fedora 19 : moodle-2.4.8-1.fc19 (2014-1377)
2014-01-31 00:00:00
mageia
mageia
Updated moodle package fixes security vulnerabilities
2014-02-12 02:34:37
fedora
fedora
[SECURITY] Fedora 20 Update: moodle-2.5.4-1.fc20
2014-01-31 04:27:57
[SECURITY] Fedora 19 Update: moodle-2.4.8-1.fc19
2014-01-31 04:24:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0053)
2022-01-28 00:00:00
Fedora Update for moodle FEDORA-2014-1377
2014-02-03 00:00:00
Fedora Update for moodle FEDORA-2014-1377
2014-02-03 00:00:00