The Common Vulnerability Scoring System (CVSS) provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity. Last month’s vulnerability roundup is here.
Most Recent Threats Articles Every month, a wide range of security vulnerabilities are uncovered and disclosed — below, we take a closer look at 14 of them, all with CVSS scores of 9.8 or higher, that were disclosed in March. 1. Server Side Request Forgery Flaw in Moodle CVE identifier: CVE-2019-3809 CVSS Base Score: 10.0 The vulnerability: A flaw in the mybackpack functionality of Moodle versions 3.1 to 3.1.15 (as well as earlier unsupported versions) allowed the setting of badge URLs, enabling a Server Side Request Forgery (SSRF) attack via requests made by the page.
GridinSoft Journalist. We write about cybersecurity and privacy, striving to provide readers the latest news of this field and useful tips to keep their data safe in this joyful, but dangerous modern world of the web.