Description

Cross-site request forgery (CSRF) vulnerability in the forum code in Moodle 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4 allows remote attackers to delete unauthorized forum posts via a link or IMG tag to post.php.

Remediation

References

CVE-2009-0499

Related Vulnerabilities

WordPress Plugin Easy Watermark Security Bypass (0.7.0)

XWiki Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-48240)

WordPress Plugin Bug Library Unspecified Vulnerability (2.0.7)

Apache HTTP Server Other Vulnerability (CVE-2000-0868)

Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22903)

Severity

Medium

Classification

CVE-2009-0499 CWE-352

Tags

Missing Update Known Vulnerabilities