Описание
Cross-site request forgery (CSRF) vulnerability in admin/registration/register.php in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allows remote attackers to hijack the authentication of administrators for requests that send statistics to an arbitrary hub URL.
Уязвимые конфигурации
Одно из
EPSS
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
Cross-site request forgery (CSRF) vulnerability in admin/registration/register.php in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allows remote attackers to hijack the authentication of administrators for requests that send statistics to an arbitrary hub URL.
Cross-site request forgery (CSRF) vulnerability in admin/registration/ ...
Moodle cross-site request forgery (CSRF) vulnerability
Уязвимость системы управления обучением Мoodle, позволяющая нарушителю подменить пользователя в ходе сессии
EPSS
4.3 Medium
CVSS3
4.3 Medium
CVSS2