CVE-2013-5708

Name of the Vulnerable Software and Affected Versions Coursemill Learning Management System (LMS) version 6.8

Description The issue allows remote attackers to conduct cross-site request forgery (CSRF) attacks via vectors related to cookies. This is due to the system constructing secret tokens based on time values.

Recommendations For version 6.8, consider implementing additional security measures to prevent CSRF attacks, such as utilizing a more secure token generation method that is not based on time values. As a temporary workaround, restrict access to sensitive operations that rely on these tokens to minimize the risk of exploitation.