Lucene search
Ubuntu.comUB:CVE-2014-7836HistoryNov 24, 2014 - 12:00 a.m.
CVE-2014-7836
2014-11-2400:00:00
ubuntu.com
ubuntu.com
10
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.002
Percentile
52.7%
Multiple cross-site request forgery (CSRF) vulnerabilities in the LTI
module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6,
and 2.7.x before 2.7.3 allow remote attackers to hijack the authentication
of arbitrary users for a (1) mod/lti/request_tool.php or (2)
mod/lti/instructor_edit_tool_type.php request.
Related
osv
osv
Moodle multiple cross-site request forgery (CSRF) vulnerabilities
2022-05-13 01:12:43
cvelist
cvelist
CVE-2014-7836
2014-11-24 11:00:00
nvd
nvd
CVE-2014-7836
2014-11-24 11:59:06
cve
cve
CVE-2014-7836
2014-11-24 11:59:06
prion
prion
Cross site request forgery (csrf)
2014-11-24 11:59:00
veracode
veracode
Cross-site Request Forgery (CSRF)
2017-07-28 04:40:02
github
github
Moodle multiple cross-site request forgery (CSRF) vulnerabilities
2022-05-13 01:12:43
nessus
nessus
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0483)
2022-01-28 00:00:00
mageia
mageia
Updated moodle package fixes security vulnerabilities
2014-11-22 13:54:50
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.002
Percentile
52.7%
Related for UB:CVE-2014-7836