Lucene search
K

6 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2014-0483)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.02427EPSS
Exploits0References19
NVD
NVD
added 2014/11/24 11:59 a.m.29 views

CVE-2014-7838

Multiple cross-site request forgery CSRF vulnerabilities in the Forum module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allow remote attackers to hijack the authentication of arbitrary users for requests that set a tracking preference within 1...

6.8CVSS7.2AI score0.01006EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2014/11/24 11:59 a.m.20 views

CVE-2014-7838

Multiple cross-site request forgery CSRF vulnerabilities in the Forum module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allow remote attackers to hijack the authentication of arbitrary users for requests that set a tracking preference within 1...

6.8CVSS6AI score0.01006EPSS
Exploits0References2
CVE
CVE
added 2014/11/24 11:0 a.m.57 views

CVE-2014-7838

CVE-2014-7838 refers to multiple CSRF vulnerabilities in Moodle’s Forum module (mod/forum) affecting Moodle versions up to 2.7.3. The flaws allow remote attackers to hijack the authentication of arbitrary users by issuing requests that set a tracking preference via (1) mod/forum/deprecatedlib.php...

6.8CVSS7.3AI score0.01006EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2014/11/24 11:0 a.m.23 views

CVE-2014-7838

Multiple cross-site request forgery CSRF vulnerabilities in the Forum module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allow remote attackers to hijack the authentication of arbitrary users for requests that set a tracking preference within 1...

7.2AI score0.01006EPSS
Exploits0References4
Mageia
Mageia
added 2014/11/22 10:54 a.m.70 views

Updated moodle package fixes security vulnerabilities

In Moodle before 2.6.5, without forcing encoding, it was possible that UTF7 characters could be used to force cross-site scripts to AJAX scripts although this is unlikely on modern browsers and on most Moodle pages MSA-14-0035. In Moodle before 2.6.5, an XSS issue through $searchcourse in...

7.5CVSS6.5AI score0.02427EPSS
Exploits0References17
Rows per page
Query Builder