CVE-2009-4297
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
CVE
CVE-2009-4297
Status
Candidate
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Severity
Medium
CVSS score
6,8
CVSS vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Phase
Assigned (16.12.2009)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4297
References
BID :
37244
CONFIRM :
http://docs.moodle.org/en/Moodle_1.8.11_release_notes
CONFIRM :
http://docs.moodle.org/en/Moodle_1.9.7_release_notes
CONFIRM :
http://moodle.org/mod/forum/discuss.php?d=139100
FEDORA :
FEDORA-2009-13040
FEDORA :
FEDORA-2009-13065
FEDORA :
FEDORA-2009-13080
SECUNIA :
37614
VUPEN :
ADV-2009-3455
SecurityVulns:
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
