Unrated severityNVD Advisory· Published Jun 28, 2010· Updated Jun 16, 2026
CVE-2010-2231
CVE-2010-2231
Description
Cross-site request forgery (CSRF) vulnerability in report/overview/report.php in the quiz module in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to hijack the authentication of arbitrary users for requests that delete quiz attempts via the attemptid parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
54cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*+ 53 more
- cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*range: <=1.8.12
- cpe:2.3:a:moodle:moodle:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.5.0:beta:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.6.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.6.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.6.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.7.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.7.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.7.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.8.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.8.11:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.8.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.8.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.8.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.8.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.8.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.8:*:*:*:*:*:*:*
- (no CPE)range: <1.8.13 (1.9.x <1.9.9)
Patches
Vulnerability mechanics
References
15- cvs.moodle.org/moodle/mod/quiz/report/overview/report.phpnvdPatch
- www.vupen.com/english/advisories/2010/1530nvdPatchVendor Advisory
- secunia.com/advisories/40248nvdVendor Advisory
- secunia.com/advisories/40352nvdVendor Advisory
- www.vupen.com/english/advisories/2010/1571nvdVendor Advisory
- docs.moodle.org/en/Moodle_1.8.13_release_notesnvd
- docs.moodle.org/en/Moodle_1.9.9_release_notesnvd
- lists.fedoraproject.org/pipermail/package-announce/2010-June/043285.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2010-June/043291.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2010-June/043340.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.htmlnvd
- moodle.org/mod/forum/discuss.phpnvd
- tracker.moodle.org/browse/MDL-21688nvd
- www.openwall.com/lists/oss-security/2010/06/21/2nvd
- bugzilla.redhat.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.