CVE-2024-34007

The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF.

CVSS

No CVSS.

References

Link	Resource
https://moodle.org/mod/forum/discuss.php?d=458396

Configurations

No configuration.

History

03 Jun 2024, 14:46

Type	Values Removed	Values Added
Summary		(es) La opción de cierre de sesión dentro de MFA no incluía el token necesario para evitar el riesgo de que los usuarios cerraran sesión sin darse cuenta a través de CSRF.

31 May 2024, 21:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-31 21:15

Updated : 2024-06-03 14:46

NVD link : CVE-2024-34007

Mitre link : CVE-2024-34007

CVE.ORG link : CVE-2024-34007

JSON object : View

Products Affected

No product.

CWE

CWE-352

Cross-Site Request Forgery (CSRF)