Moodle Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2010-2231 - Vulnerability Database

Moodle Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2010-2231

Medium

Reference: CVE-2010-2231

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2010-2231

Title: Moodle Cross-Site Request Forgery (CSRF) Vulnerability

Overview:

Cross-site request forgery (CSRF) vulnerability in report/overview/report.php in the quiz module in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to hijack the authentication of arbitrary users for requests that delete quiz attempts via the attemptid parameter.