Описание
A security vulnerability was discovered in Moodle that allows anyone to duplicate existing tours without needing to log in due to a lack of protection against cross-site request forgery (CSRF) attacks.
EPSS
Процентиль: 2%
0.00017
Низкий
3.5 Low
CVSS3
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 3.5
ubuntu
около 2 месяцев назад
A security vulnerability was discovered in Moodle that allows anyone to duplicate existing tours without needing to log in due to a lack of protection against cross-site request forgery (CSRF) attacks.
CVSS3: 3.5
debian
около 2 месяцев назад
A security vulnerability was discovered in Moodle that allows anyone t ...
CVSS3: 3.5
github
около 2 месяцев назад
Moodle has a CSRF risk in user tours manager that allows tour duplication
CVSS3: 3.5
fstec
около 2 месяцев назад
Уязвимость виртуальной обучающей среды Moodle, связанная с подделкой межсайтовых запросов, позволяющая нарушителю оказать влияние на целостность защищаемой информации
EPSS
Процентиль: 2%
0.00017
Низкий
3.5 Low
CVSS3
Дефекты
CWE-352