CVE-2008-3262

Cross-site request forgery (CSRF) vulnerability in Claroline before 1.8.10 allows remote attackers to change passwords, related to lack of a requirement for the previous password.
Configurations

Configuration 1

cpe:2.3:a:claroline:claroline:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.7.5:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.8.2:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.8.4:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.7.4:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.5.4:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.2:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:*:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.6_beta:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.8.7:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.8.8:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.7:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.6_rc1:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.3:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.7.6:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.7.7:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.4:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.5:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.8.5:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.6:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.8.6:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.7.3:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.8.3:*:*:*:*:*:*:*
cpe:2.3:a:claroline:claroline:1.7.2:*:*:*:*:*:*:*

Information

Published : 2008-07-22 05:41

Updated : 2018-10-11 08:47


NVD link : CVE-2008-3262

Mitre link : CVE-2008-3262

Products Affected
No products.
CWE