Lucene search
Veracode Vulnerability DatabaseVERACODE:4524HistoryJul 04, 2017 - 9:10 a.m.
Cross-site Request Forgery (CSRF)
2017-07-0409:10:09
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.002 Low
EPSS
Percentile
52.5%
Moodle is vulnerable to cross-site request forgery (CSRF) attacks. These attacks are possible because it does not have enough session checking in enrol/imsenterprise/importnow.php during import of IMS Enterprise identities. This can allow a malicious user to hijack administrator’s authentication during an IMS Enterprise file import.
| CPE | Name | Operator | Version |
|---|---|---|---|
| moodle/moodle | le | 2.6.1 | |
| moodle/moodle | le | 2.4.8 | |
| moodle/moodle | le | 2.5.4 | |
| moodle/moodle | le | 2.3.11 |
Related
osv
osv
Moodle cross-site request forgery (CSRF) vulnerability
2022-05-13 01:12:51
ubuntucve
ubuntucve
CVE-2014-0126
2014-03-24 00:00:00
cvelist
cvelist
CVE-2014-0126
2014-03-22 01:00:00
nvd
nvd
CVE-2014-0126
2014-03-24 14:20:39
prion
prion
Cross site request forgery (csrf)
2014-03-24 14:20:00
github
github
Moodle cross-site request forgery (CSRF) vulnerability
2022-05-13 01:12:51
cve
cve
CVE-2014-0126
2014-03-24 14:20:39
nessus
nessus
Fedora 20 : moodle-2.5.5-1.fc20 (2014-4163)
2014-03-31 00:00:00
Fedora 19 : moodle-2.4.9-1.fc19 (2014-4152)
2014-03-31 00:00:00
Moodle 2.4.x < 2.4.9 Multiple Vulnerabilities
2016-07-21 00:00:00
openvas
openvas
Fedora Update for moodle FEDORA-2014-4163
2014-04-03 00:00:00
Mageia: Security Advisory (MGASA-2014-0160)
2022-01-28 00:00:00
Fedora Update for moodle FEDORA-2014-4163
2014-04-03 00:00:00
mageia
mageia
Updated moodle packages fix multiple security vulnerabilities
2014-04-03 21:23:49
fedora
fedora
[SECURITY] Fedora 20 Update: moodle-2.5.5-1.fc20
2014-03-30 06:16:54
[SECURITY] Fedora 19 Update: moodle-2.4.9-1.fc19
2014-03-30 06:10:35
[SECURITY] Fedora 20 Update: moodle-2.5.6-1.fc20
2014-05-29 23:27:45