CVE-2022-0335

Опубликовано: 25 янв. 2022

Источник: ubuntu

Приоритет: medium

CVSS2: 6.8

CVSS3: 8.8

Описание

A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The "delete badge alignment" functionality did not include the necessary token check to prevent a CSRF risk.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
esm-apps/bionic	needs-triage
esm-apps/xenial	needs-triage
trusty	ignored	end of standard support
upstream	needs-triage
xenial	ignored	end of standard support

Показывать по

Ссылки на источники

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

CVE-2022-0335

CVSS3: 8.8

nvd

около 4 лет назад

CVE-2022-0335

CVSS3: 8.8

debian

около 4 лет назад

A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, ...

GHSA-xpfv-89vg-r562

CVSS3: 8.8

github

около 4 лет назад

Cross Site Request Forgery in Moodle

6.8 Medium

CVSS2

8.8 High

CVSS3

CVE-2022-0335

Описание

Пакет moodle

Ссылки на источники

Связанные уязвимости