Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2014-0483)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.02427EPSS
Exploits0References19
UbuntuCve
UbuntuCve
added 2014/11/24 11:59 a.m.22 views

CVE-2014-7836

Multiple cross-site request forgery CSRF vulnerabilities in the LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allow remote attackers to hijack the authentication of arbitrary users for a 1 mod/lti/requesttool.php or 2...

6.8CVSS6AI score0.01006EPSS
Exploits0References2
CVE
CVE
added 2014/11/24 11:0 a.m.62 views

CVE-2014-7836

CVE-2014-7836 refers to multiple CSRF vulnerabilities in Moodle’s LTI module that allow remote attackers to hijack the authentication of arbitrary users via requests to mod/lti/request_tool.php or mod/lti/instructor_edit_tool_type.php. Affected Moodle branches include 2.4.11, 2.5.x before 2.5.9, ...

6.8CVSS7.3AI score0.01006EPSS
Exploits0References4Affected Software1
Mageia
Mageia
added 2014/11/22 10:54 a.m.70 views

Updated moodle package fixes security vulnerabilities

In Moodle before 2.6.5, without forcing encoding, it was possible that UTF7 characters could be used to force cross-site scripts to AJAX scripts although this is unlikely on modern browsers and on most Moodle pages MSA-14-0035. In Moodle before 2.6.5, an XSS issue through $searchcourse in...

7.5CVSS6.5AI score0.02427EPSS
Exploits0References17
Rows per page
Query Builder