Vulnerabilities

CVE-2014-0126

by Fred · 21/03/2014

Cross-site request forgery (CSRF) vulnerability in enrol/imsenterprise/importnow.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to hijack the authentication of administrators for requests that import an IMS Enterprise file.

Date published : 2014-03-21

http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43146

https://moodle.org/mod/forum/discuss.php?d=256423

Similar

Tags: Cybersecurity Alert