Описание
Cross-site request forgery (CSRF) vulnerability in the forum code in Moodle 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4 allows remote attackers to delete unauthorized forum posts via a link or IMG tag to post.php.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 1.9.4.dfsg-0ubuntu1 |
| gutsy | ignored | end of life, was needed |
| hardy | released | 1.8.2-1ubuntu4.2 |
| intrepid | released | 1.8.2-1.2ubuntu2.1 |
| jaunty | not-affected | 1.9.4.dfsg-0ubuntu1 |
| karmic | not-affected | 1.9.4.dfsg-0ubuntu1 |
| upstream | released | 1.9.4 |
Показывать по
EPSS
6.4 Medium
CVSS2
Связанные уязвимости
Cross-site request forgery (CSRF) vulnerability in the forum code in Moodle 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4 allows remote attackers to delete unauthorized forum posts via a link or IMG tag to post.php.
Cross-site request forgery (CSRF) vulnerability in the forum code in Moodle 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4 allows remote attackers to delete unauthorized forum posts via a link or IMG tag to post.php.
Cross-site request forgery (CSRF) vulnerability in the forum code in M ...
Cross-site request forgery (CSRF) vulnerability in the forum code in Moodle 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4 allows remote attackers to delete unauthorized forum posts via a link or IMG tag to post.php.
EPSS
6.4 Medium
CVSS2