Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:40009
HistoryMar 31, 2023 - 6:18 a.m.

Cross-Site Request Forgery (CSRF)

2023-03-3106:18:58
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
cross-site request forgery
csrf
vulnerability
resetalltemplates
action_bar.php
validation
sensitive information
database activity templates
moodle

0.001 Low

EPSS

Percentile

26.7%

JSON

moodle is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability exists in the resetalltemplates parameter of action_bar.php because the CSRF token was not properly validated, which allows an attacker to access sensitive information and reset all the database activity templates.

CPENameOperatorVersion
moodle/moodlelev4.1.1
moodle/moodlelev4.1.1

Related

cve 1
osv 3
prion 1
cvelist 1
ubuntucve 1
nvd 1
github 1
openvas 1
cve
cve
CVE-2023-28335
2023-03-23 21:15:20
osv
osv
CVE-2023-28335
2023-03-23 21:15:20
Moodle vulnerable to Cross-site Request Forgery
2023-03-23 21:30:18
BIT-moodle-2023-28335
2024-03-06 10:59:55
prion
prion
Cross site request forgery (csrf)
2023-03-23 21:15:00
cvelist
cvelist
CVE-2023-28335 Moodle: csrf risk in resetting all templates of a database activity
2023-03-23 00:00:00
ubuntucve
ubuntucve
CVE-2023-28335
2023-03-23 00:00:00
nvd
nvd
CVE-2023-28335
2023-03-23 21:15:20
github
github
Moodle vulnerable to Cross-site Request Forgery
2023-03-23 21:30:18
openvas
openvas
Moodle 4.1 < 4.1.2 Multiple Vulnerabilities
2023-03-24 00:00:00

0.001 Low

EPSS

Percentile

26.7%

JSON
Related for VERACODE:40009
cve1osv3prion1cvelist1ubuntucve1nvd1github1openvas1