Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-3734

Опубликовано: 20 апр. 2017
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8
CVSS3: 8.8

Описание

Cross-site request forgery (CSRF) vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that marks forum posts as read.

РелизСтатусПримечание
artful

not-affected

bionic

not-affected

cosmic

not-affected

devel

not-affected

disco

not-affected

esm-apps/bionic

not-affected

esm-apps/xenial

not-affected

3.0.3+dfsg-0ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needed]
precise

ignored

end of life
precise/esm

DNE

precise was needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 33%
0.00126
Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

CVSS3: 8.8
nvd
около 8 лет назад

Cross-site request forgery (CSRF) vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that marks forum posts as read.

CVSS3: 8.8
debian
около 8 лет назад

Cross-site request forgery (CSRF) vulnerability in markposts.php in Mo ...

CVSS3: 8.8
github
около 3 лет назад

Moodle Cross-site request forgery (CSRF) vulnerability

EPSS

Процентиль: 33%
0.00126
Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3