CVE-2008-3262

Cross-site request forgery (CSRF) vulnerability in Claroline before 1.8.10 allows remote attackers to change passwords, related to lack of a requirement for the previous password.

Published: Jul 22, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-3262
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.8
AV:N/AC:M/Au:N/C:P/I:P/A:N

CWEs:

CWE-352

Affected Software
References

Software	From	Fixed in
claroline / claroline	1.8.1	1.8.1.x
claroline / claroline	1.7.5	1.7.5.x
claroline / claroline	1.8.2	1.8.2.x
claroline / claroline	1.8.4	1.8.4.x
claroline / claroline	1.7.4	1.7.4.x
claroline / claroline	1.5.4	1.5.4.x
claroline / claroline	1.2	1.2.x
claroline / claroline	-	1.8.9.x
claroline / claroline	1.6_beta	1.6_beta.x
claroline / claroline	1.8.7	1.8.7.x
claroline / claroline	1.8.8	1.8.8.x
claroline / claroline	1.7	1.7.x
claroline / claroline	1.6_rc1	1.6_rc1.x
claroline / claroline	1.7.1	1.7.1.x
claroline / claroline	1.3	1.3.x
claroline / claroline	1.7.6	1.7.6.x
claroline / claroline	1.7.7	1.7.7.x
claroline / claroline	1.4	1.4.x
claroline / claroline	1.5	1.5.x
claroline / claroline	1.8.5	1.8.5.x
claroline / claroline	1.6	1.6.x
claroline / claroline	1.8.6	1.8.6.x
claroline / claroline	1.5.3	1.5.3.x
claroline / claroline	1.7.3	1.7.3.x
claroline / claroline	1.8.0	1.8.0.x
claroline / claroline	1.8.3	1.8.3.x
claroline / claroline	1.7.2	1.7.2.x

Vulnerability Database

CVE-2008-3262