{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T21:46:19.690","vulnerabilities":[{"cve":{"id":"CVE-2008-3325","sourceIdentifier":"cve@mitre.org","published":"2008-07-25T16:41:00.000","lastModified":"2025-04-09T00:30:58.490","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site request forgery (CSRF) vulnerability in Moodle 1.6.x before 1.6.7 and 1.7.x before 1.7.5 allows remote attackers to modify profile settings and gain privileges as other users via a link or IMG tag to the user edit profile page."},{"lang":"es","value":"Vulnerabilidad de falsificación de petición en sitios cruzados (CSFR) en Moodle 1.6.x versiones anteriores a la 1.6.7 y 1.7.x versiones anteriores a la 1.7.5, permite a atacantes remotos modificar el perfil de la configuración y obtener privilegios como otro usuario a través de un enlace o etiqueta IMG de la página de edición del perfil de usuario."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:P/I:P/A:P","baseScore":6.0,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.8,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"1.6","versionEndExcluding":"1.6.7","matchCriteriaId":"B069A088-482B-424F-995B-844F0B1B5102"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"1.7","versionEndExcluding":"1.7.5","matchCriteriaId":"1667DFC8-BB76-4DB0-A188-BB5E283CB120"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","matchCriteriaId":"0F92AB32-E7DE-43F4-B877-1F41FA162EC7"}]}]}],"references":[{"url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://moodle.org/mod/forum/discuss.php?d=101405","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"http://secunia.com/advisories/31196","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://secunia.com/advisories/31339","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.debian.org/security/2008/dsa-1691","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.procheckup.com/Vulnerability_PR08-16.php","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"http://www.securityfocus.com/archive/1/494658/100/0/threaded","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43964","source":"cve@mitre.org","tags":["VDB Entry"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://moodle.org/mod/forum/discuss.php?d=101405","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://secunia.com/advisories/31196","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://secunia.com/advisories/31339","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www.debian.org/security/2008/dsa-1691","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www.procheckup.com/Vulnerability_PR08-16.php","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"http://www.securityfocus.com/archive/1/494658/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43964","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["VDB Entry"]}]}}]}