8 matches found
Moodle Cross-site request forgery (CSRF) vulnerability
Cross-site request forgery CSRF vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that marks forum posts as read...
GHSA-R867-V437-4RRM Moodle Cross-site request forgery (CSRF) vulnerability
Cross-site request forgery CSRF vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that marks forum posts as read...
Cross-site Request Forgery (CSRF)
Moodle is vulnerable to cross-site request forgery CSRF attacks. The attacks exist because the checking of session keys is not done in markposts.php, allowing an attacker to hijack an authentication of user for requests that marks forum posts as read...
UBUNTU-CVE-2016-3734
Cross-site request forgery CSRF vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that marks forum posts as read...
CVE-2016-3734
Cross-site request forgery CSRF vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that marks forum posts as read...
CVE-2016-3734
Cross-site request forgery CSRF vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that marks forum posts as read...
CVE-2016-3734
The CVE-2016-3734 entry concerns a Cross-site Request Forgery in Moodle’s markposts.php. Affected versions include Moodle 3.0.x up to 3.0.3, 2.9.x up to 2.9.5, 2.8.x up to 2.8.11, and 2.7.x up to 2.7.13 and earlier. Under CSRF, remote attackers can hijack a logged-in user’s session to perform act...
CVE-2016-3734
Cross-site request forgery CSRF vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that marks forum posts as read...