1
Candidate: CVE-2015-0218
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0218
5
https://moodle.org/mod/forum/discuss.php?d=278618#p1196684
6
http://www.openwall.com/lists/oss-security/2015/01/19/1
8
Cross-site request forgery (CSRF) vulnerability in
9
auth/shibboleth/logout.php in Moodle through 2.5.9, 2.6.x before 2.6.7,
10
2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote attackers to
11
hijack the authentication of arbitrary users for requests that trigger a
16
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775842
18
Discovered-by: Petr Skoda
22
upstream_moodle: released (2.8.2, 2.7.4, 2.6.7)
23
lucid_moodle: ignored (reached end-of-life)
24
precise_moodle: ignored (reached end-of-life)
25
precise/esm_moodle: DNE (precise was needed)
27
utopic_moodle: ignored (reached end-of-life)
28
vivid_moodle: ignored (reached end-of-life)
29
vivid/stable-phone-overlay_moodle: DNE
30
vivid/ubuntu-core_moodle: DNE
31
wily_moodle: ignored (reached end-of-life)
33
yakkety_moodle: ignored (reached end-of-life)
34
zesty_moodle: ignored (reached end-of-life)