Description
Cross-site request forgery (CSRF) vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that marks forum posts as read.
Remediation
References
Related Vulnerabilities
WordPress Plugin amtyThumb Cross-Site Scripting (4.1.2)
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4549)
WordPress Plugin Auto Amazon Links-Amazon Associates Affiliate Cross-Site Scripting (4.6.19)
MySQL CVE-2014-0386 Vulnerability (CVE-2014-0386)
WordPress Plugin Support Ticket System Multiple SQL Injection Vulnerabilities (1.2)