VYPR
Unrated severityNVD Advisory· Published Jul 25, 2008· Updated Jun 16, 2026

CVE-2008-3325

CVE-2008-3325

Description

Cross-site request forgery (CSRF) vulnerability in Moodle 1.6.x before 1.6.7 and 1.7.x before 1.7.5 allows remote attackers to modify profile settings and gain privileges as other users via a link or IMG tag to the user edit profile page.

Affected products

3
  • Moodle/Moodle2 versions
    cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*range: >=1.6,<1.6.7
    • (no CPE)range: <1.6.7, <1.7.5
  • cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.