5 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-34007
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF. CVE-2024-34007 Note that...
CVE-2024-34007
The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF...
CVE-2024-34007 moodle: logout CSRF in admin/tool/mfa/auth.php
The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF...
CVE-2024-34007
The CVE-2024-34007 vulnerability concerns Moodle’s MFA logout functionality (admin/tool/mfa/auth.php) where the logout flow does not include a required CSRF token, exposing users to CSRF logout. Multiple connected sources (OSV, GHSA/GitHub advisories, Nessus/NVD, Ubuntu OSV) corroborate a CSRF ri...
CVE-2024-34007 moodle: logout CSRF in admin/tool/mfa/auth.php
The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF...