Description

Multiple cross-site request forgery (CSRF) vulnerabilities in mod/assign/locallib.php in the Assignment subsystem in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allow remote attackers to hijack the authentication of teachers for quick-grading requests.

Remediation

References

CVE-2014-0213

Related Vulnerabilities

WordPress Plugin Membership 2 Unspecified Vulnerability (4.0.0.2)

WordPress Plugin Ad Inserter-Ad Manager & AdSense Ads Directory Traversal (2.4.19)

MySQL CVE-2017-10165 Vulnerability (CVE-2017-10165)

Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000481)

Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-18679)

Severity

Medium

Classification

CVE-2014-0213 CWE-352

Tags

Missing Update Known Vulnerabilities