CVE-2014-0010

NONECVSS 0.0

0.0

Multiple cross-site request forgery (CSRF) vulnerabilities in user/profile/index.php in Moodle through 2.2.11, 2.3.x before 2.3.11, 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 allow remote attackers to hijack the authentication of administrators for requests that delete (1) categories or (2) fields.

🔗 References (14)

secalert@redhathttp://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-42883
secalert@redhathttp://lists.fedoraproject.org/pipermail/package-announce/2014-January/127510.html
secalert@redhathttp://lists.fedoraproject.org/pipermail/package-announce/2014-January/127533.html
secalert@redhathttp://openwall.com/lists/oss-security/2014/01/20/1
secalert@redhathttp://osvdb.org/102261
secalert@redhathttp://www.securitytracker.com/id/1029649
secalert@redhathttps://moodle.org/mod/forum/discuss.php?d=252416
af854a3a-2127-422b-91ae-364da2661108http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-42883
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127510.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127533.html
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2014/01/20/1
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/102261
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1029649
af854a3a-2127-422b-91ae-364da2661108https://moodle.org/mod/forum/discuss.php?d=252416

Is Your Infrastructure Affected by CVE-2014-0010?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2014-0010

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2014-0010?