Moodle Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2012-6103 - Vulnerability Database

Moodle Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2012-6103

Medium

Reference: CVE-2012-6103

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2012-6103

Title: Moodle Cross-Site Request Forgery (CSRF) Vulnerability

Overview:

Multiple cross-site request forgery (CSRF) vulnerabilities in user/messageselect.php in the messaging system in Moodle 2.2.x before 2.2.7 2.3.x before 2.3.4 and 2.4.x before 2.4.1 allow remote attackers to hijack the authentication of arbitrary users for requests that send course messages.