CVE-2010-2231 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2010-2231 Interim 1 5 2023-12-09T01:56:58Z current 2021-05-30T12:52:15Z 2023-12-09T01:56:58Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2010-2231 Cross-site request forgery (CSRF) vulnerability in report/overview/report.php in the quiz module in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to hijack the authentication of arbitrary users for requests that delete quiz attempts via the attemptid parameter. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4IE7I5U4VU7ZSJNN3DHYMM3JYGTV67J6/#4IE7I5U4VU7ZSJNN3DHYMM3JYGTV67J6 E-Mail link for SUSE-SR:2010:014 https://www.suse.com/support/security/rating/ SUSE Security Ratings Cross-site request forgery (CSRF) vulnerability in report/overview/report.php in the quiz module in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to hijack the authentication of arbitrary users for requests that delete quiz attempts via the attemptid parameter. CVE-2010-2231 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P