Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Moodle Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2014-0010 - Vulnerability Database
Moodle

Moodle Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2014-0010

Medium
Reference: CVE-2014-0010
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2014-0010
Title: Moodle Cross-Site Request Forgery (CSRF) Vulnerability
Overview:

Multiple cross-site request forgery (CSRF) vulnerabilities in user/profile/index.php in Moodle through 2.2.11 2.3.x before 2.3.11 2.4.x before 2.4.8 2.5.x before 2.5.4 and 2.6.x before 2.6.1 allow remote attackers to hijack the authentication of administrators for requests that delete (1) categories or (2) fields.