Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Moodle Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2018-16854 - Vulnerability Database
Moodle

Moodle Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2018-16854

High
Reference: CVE-2018-16854
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-16854
Title: Moodle Cross-Site Request Forgery (CSRF) Vulnerability
Overview:

A flaw was found in moodle versions 3.5 to 3.5.2 3.4 to 3.4.5 3.3 to 3.3.8 3.1 to 3.1.14 and earlier. The login form is not protected by a token to prevent login cross-site request forgery. Fixed versions include 3.6 3.5.3 3.4.6 3.3.9 and 3.1.15.