Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Campus Virtual-LMS allow (1) remote attackers to hijack the authentication of arbitrary users for requests that terminate a session via login/logout.php, and might allow remote attackers to hijack the authentication of certain users via a (2) ADD or (3) DELETE action to enrolments/step2.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Campus Virtual-LMS多个跨站请求伪造漏洞
Vulnerability Description
Campus Virtual-LMS中存在多个跨站请求伪造漏洞。(1)远程攻击者可以借助login/logout.php,劫持请求中止会话的任意用户的权限,而且远程攻击者可以借助一个(2)ADD或(3)对enrolments/step2.php的DELETE操作,劫持某些用户的权限。
CVSS Information
N/A
Vulnerability Type
N/A