CVE-2023-28335

Опубликовано: 23 мар. 2023

Источник: debian

Описание

The link to reset all templates of a database activity did not include the necessary token to prevent a CSRF risk.

Пакет	Статус	Версия исправления	Релиз	Тип
moodle	removed			package

CVE-2023-28335

CVSS3: 8.8

ubuntu

больше 2 лет назад

The link to reset all templates of a database activity did not include the necessary token to prevent a CSRF risk.

CVE-2023-28335

CVSS3: 8.8

nvd

больше 2 лет назад

The link to reset all templates of a database activity did not include the necessary token to prevent a CSRF risk.

GHSA-wxmq-v9gx-75pg

CVSS3: 8.8

github

больше 2 лет назад

Moodle vulnerable to Cross-site Request Forgery