CVE-2024-34007

Опубликовано: 31 мая 2024

Источник: debian

Описание

The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF.

Пакет	Статус	Версия исправления	Релиз	Тип
moodle	removed			package

CVE-2024-34007

CVSS3: 8.8

ubuntu

больше 1 года назад

The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF.

CVE-2024-34007

CVSS3: 8.8

nvd

больше 1 года назад

The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF.

GHSA-8g5h-gjwq-w5ch

github

больше 1 года назад

Moodle Logout CSRF in admin/tool/mfa/auth.php

ROS-20240701-03

CVSS3: 7.4

redos

больше 1 года назад

Множественные уязвимости moodle