IT Security Vulnerability Roundup – March 2019

The Common Vulnerability Scoring System (CVSS) provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity. Last month’s vulnerability roundup is here.

 

Most Recent Threats Articles Every month, a wide range of security vulnerabilities are uncovered and disclosed — below, we take a closer look at 14 of them, all with CVSS scores of 9.8 or higher, that were disclosed in March.   1. Server Side Request Forgery Flaw in Moodle CVE identifier: CVE-2019-3809 CVSS Base Score: 10.0 The vulnerability: A flaw in the mybackpack functionality of Moodle versions 3.1 to 3.1.15 (as well as earlier unsupported versions) allowed the setting of badge URLs, enabling a Server Side Request Forgery (SSRF) attack via requests made by the page.

Source: IT Security Vulnerability Roundup – March 2019

Related Post

Instagram prototypes handing your location history... New Instagram feature that allows the app to collect your location history caused huge controversy among users.This is sure to exacerbate fears ...
Researcher Hijacks a Microsoft Service Using Looph... When you create an app on Azure and wants to make it available on the Internet with a custom domain name, the platform asks users to point their domai...
The danger of botnet network The word "botnet" is now very widespread and almost all users know what is mean. This is not surprising because this part of a network can be virtuall...
What is Trojan.CoinMiner csrss.exe Trojan.CoinMiner uses the computing resources of the infected computer to receive crypto currency, most often in BitCoin.The owner of such infecte...