Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Coursemill Learning Management System (LMS) 6.8 constructs secret tokens based on time values, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via vectors related to cookies, a different vulnerability than CVE-2013-3605.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Trivantis Coursemill Learning Management System 跨站请求伪造漏洞
Vulnerability Description
CourseMill Learning Management System(LMS)是美国Trivantis公司的一套学习管理系统。该系统可实现全时课程托管、学员注册和追踪、培训管理等功能。 Coursemill LMS 6.8版本中存在跨站请求伪造漏洞,该漏洞源于构造可预测的秘密令牌值(用户的时间戳)。远程攻击者可借助cookies,利用该漏洞实施跨站请求伪造攻击。
CVSS Information
N/A
Vulnerability Type
N/A