Description
Multiple cross-site request forgery (CSRF) vulnerabilities in mod/assign/locallib.php in the Assignment subsystem in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allow remote attackers to hijack the authentication of teachers for quick-grading requests.
Remediation
References
Related Vulnerabilities
WordPress Plugin Membership 2 Unspecified Vulnerability (4.0.0.2)
WordPress Plugin Ad Inserter-Ad Manager & AdSense Ads Directory Traversal (2.4.19)
MySQL CVE-2017-10165 Vulnerability (CVE-2017-10165)
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000481)
Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-18679)