Description
Cross-site request forgery (CSRF) vulnerability in Claroline before 1.8.10 allows remote attackers to change passwords, related to lack of a requirement for the previous password.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2011-0876 Vulnerability (CVE-2011-0876)
PHP Uncontrolled Resource Consumption Vulnerability (CVE-2017-9119)
Apache Traffic Server Improper Authentication Vulnerability (CVE-2021-44759)
Craft CMS CVE-2024-21622 Vulnerability (CVE-2024-21622)
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-16943)