Lucene search
Veracode Vulnerability DatabaseVERACODE:4288HistoryMay 24, 2017 - 7:29 a.m.
Cross-site Request Forgery (CSRF)
2017-05-2407:29:58
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
EPSS
0.002
Percentile
61.9%
Moodle is vulnerable to cross-site request forgery (CSRF) attacks. The attacks exist because the checking of session keys is not done in markposts.php, allowing an attacker to hijack an authentication of user for requests that marks forum posts as read.
Related
ubuntucve
ubuntucve
CVE-2016-3734
2017-04-20 00:00:00
osv
osv
Moodle Cross-site request forgery (CSRF) vulnerability
2022-05-13 01:12:38
CVE-2016-3734
2017-04-20 21:59:00
cve
cve
CVE-2016-3734
2017-04-20 21:59:00
prion
prion
Cross site request forgery (csrf)
2017-04-20 21:59:00
cvelist
cvelist
CVE-2016-3734
2017-04-20 21:00:00
nvd
nvd
CVE-2016-3734
2017-04-20 21:59:00
github
github
Moodle Cross-site request forgery (CSRF) vulnerability
2022-05-13 01:12:38
fedora
fedora
[SECURITY] Fedora 23 Update: moodle-2.9.6-1.fc23
2016-05-21 00:04:37
nessus
nessus
Moodle 2.7.x < 2.7.14 Multiple Vulnerabilities
2016-07-21 00:00:00
openvas
openvas
Fedora Update for moodle FEDORA-2016-286bacdbfb
2016-06-08 00:00:00
Moodle 2.x / 3.x Multiple Vulnerabilities (May 2016) - Windows
2018-05-08 00:00:00
Moodle 2.x / 3.x Multiple Vulnerabilities (May 2016) - Linux
2018-05-08 00:00:00
freebsd
freebsd
moodle -- multiple vulnerabilities
2016-05-18 00:00:00