Description

Multiple cross-site request forgery (CSRF) vulnerabilities in mod/assign/locallib.php in the Assignment subsystem in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allow remote attackers to hijack the authentication of teachers for quick-grading requests.

Remediation

References

CVE-2014-0213

Related Vulnerabilities

ownCloud Improper Access Control Vulnerability (CVE-2016-9468)

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4022)

Moodle CVE-2023-23923 Vulnerability (CVE-2023-23923)

PHP Numeric Errors Vulnerability (CVE-2016-4344)

Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-8127)

Severity

Medium

Classification

CVE-2014-0213 CWE-352

Tags

Missing Update Known Vulnerabilities