Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:4524
HistoryJul 04, 2017 - 9:10 a.m.

Cross-site Request Forgery (CSRF)

2017-07-0409:10:09
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7

0.002 Low

EPSS

Percentile

52.5%

Moodle is vulnerable to cross-site request forgery (CSRF) attacks. These attacks are possible because it does not have enough session checking in enrol/imsenterprise/importnow.php during import of IMS Enterprise identities. This can allow a malicious user to hijack administrator’s authentication during an IMS Enterprise file import.

0.002 Low

EPSS

Percentile

52.5%