Vulnerability Details CVE-2008-3262
Cross-site request forgery (CSRF) vulnerability in Claroline before 1.8.10 allows remote attackers to change passwords, related to lack of a requirement for the previous password.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.9%
CVSS Severity
CVSS v2 Score 5.8
References
- http://secunia.com/advisories/31116
- http://securityreason.com/securityalert/4020
- http://sourceforge.net/project/shownotes.php?release_id=613634
- http://wiki.claroline.net/index.php/Changelog_1.8.x#Modification_between_claroline_1.8.9_and_1.8.10
- http://www.securityfocus.com/archive/1/494539/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43854
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43974
- http://secunia.com/advisories/31116
- http://securityreason.com/securityalert/4020
- http://sourceforge.net/project/shownotes.php?release_id=613634
- http://wiki.claroline.net/index.php/Changelog_1.8.x#Modification_between_claroline_1.8.9_and_1.8.10
- http://www.securityfocus.com/archive/1/494539/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43854
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43974
Products affected by CVE-2008-3262
-
cpe:2.3:a:claroline:claroline:*
-
cpe:2.3:a:claroline:claroline:1.2
-
cpe:2.3:a:claroline:claroline:1.3
-
cpe:2.3:a:claroline:claroline:1.4
-
cpe:2.3:a:claroline:claroline:1.5
-
cpe:2.3:a:claroline:claroline:1.5.3
-
cpe:2.3:a:claroline:claroline:1.5.4
-
cpe:2.3:a:claroline:claroline:1.6
-
cpe:2.3:a:claroline:claroline:1.6_beta
-
cpe:2.3:a:claroline:claroline:1.6_rc1
-
cpe:2.3:a:claroline:claroline:1.7
-
cpe:2.3:a:claroline:claroline:1.7.1
-
cpe:2.3:a:claroline:claroline:1.7.2
-
cpe:2.3:a:claroline:claroline:1.7.3
-
cpe:2.3:a:claroline:claroline:1.7.4
-
cpe:2.3:a:claroline:claroline:1.7.5
-
cpe:2.3:a:claroline:claroline:1.7.6
-
cpe:2.3:a:claroline:claroline:1.7.7
-
cpe:2.3:a:claroline:claroline:1.8.0
-
cpe:2.3:a:claroline:claroline:1.8.1
-
cpe:2.3:a:claroline:claroline:1.8.2
-
cpe:2.3:a:claroline:claroline:1.8.3
-
cpe:2.3:a:claroline:claroline:1.8.4
-
cpe:2.3:a:claroline:claroline:1.8.5
-
cpe:2.3:a:claroline:claroline:1.8.6
-
cpe:2.3:a:claroline:claroline:1.8.7
-
cpe:2.3:a:claroline:claroline:1.8.8