6.8
CVSSv2

CVE-2014-7836

Published: 24/11/2014 Updated: 01/12/2020
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in the LTI module in Moodle up to and including 2.4.11, 2.5.x prior to 2.5.9, 2.6.x prior to 2.6.6, and 2.7.x prior to 2.7.3 allow remote malicious users to hijack the authentication of arbitrary users for a (1) mod/lti/request_tool.php or (2) mod/lti/instructor_edit_tool_type.php request.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

moodle moodle 2.5.6

moodle moodle 2.5.5

moodle moodle 2.5.4

moodle moodle 2.5.3

moodle moodle 2.6.1

moodle moodle 2.6.2

moodle moodle 2.6.3

moodle moodle 2.6.4

moodle moodle 2.5.8

moodle moodle 2.5.1

moodle moodle 2.6.0

moodle moodle 2.6.5

moodle moodle 2.7.1

moodle moodle

moodle moodle 2.5.7

moodle moodle 2.5.2

moodle moodle 2.5.0

moodle moodle 2.7.0

moodle moodle 2.7.2