Lucene search
PRIOn knowledge basePRION:CVE-2016-2158HistoryMay 22, 2016 - 8:59 p.m.
Cross site request forgery (csrf)
2016-05-2220:59:00
PRIOn knowledge base
www.prio-n.com
6
lib/ajax/getnavbranch.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3, when the forcelogin feature is enabled, allows remote attackers to obtain sensitive category-detail information from the navigation branch by leveraging the guest role for an Ajax request.
Related
veracode
veracode
Information Disclosure
2017-07-26 21:47:33
cvelist
cvelist
CVE-2016-2158
2016-05-22 20:00:00
ubuntucve
ubuntucve
CVE-2016-2158
2016-05-22 00:00:00
nvd
nvd
CVE-2016-2158
2016-05-22 20:59:07
cve
cve
CVE-2016-2158
2016-05-22 20:59:07
github
github
Moodle allows attackers to obtain sensitive category-detail information
2022-05-13 01:12:38
osv
osv
Moodle allows attackers to obtain sensitive category-detail information
2022-05-13 01:12:38
fedora
fedora
[SECURITY] Fedora 22 Update: moodle-2.8.11-1.fc22
2016-03-30 21:25:40
[SECURITY] Fedora 24 Update: moodle-3.0.3-1.fc24
2016-03-27 00:43:27
[SECURITY] Fedora 23 Update: moodle-2.9.5-1.fc23
2016-03-30 21:01:09
nessus
nessus
Moodle < 2.7.13 / 2.8.x < 2.8.11 / 2.9.x < 2.9.5 / 3.0.x < 3.0.3 Multiple Vulnerabilities
2016-04-08 00:00:00
Fedora 22 : moodle-2.8.11-1.fc22 (2016-b91d895e5a)
2016-04-01 00:00:00
Fedora 23 : moodle-2.9.5-1.fc23 (2016-403715aaec)
2016-04-01 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2016-0122)
2016-03-31 00:00:00
Fedora Update for moodle FEDORA-2016-403715
2016-04-11 00:00:00
Fedora Update for moodle FEDORA-2016-9
2016-04-11 00:00:00
freebsd
freebsd
moodle -- multiple vulnerabilities
2016-03-21 00:00:00
mageia
mageia
Updated moodle packages fix security vulnerability
2016-03-25 09:38:37