Описание
Cross Site Request Forgery in Moodle
A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The "delete badge alignment" functionality did not include the necessary token check to prevent a CSRF risk.
Пакеты
moodle/moodle
>= 3.11, < 3.11.5
3.11.5
moodle/moodle
>= 3.10, < 3.10.8
3.10.8
moodle/moodle
>= 3.9, < 3.9.11
3.9.11
Связанные уязвимости
A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The "delete badge alignment" functionality did not include the necessary token check to prevent a CSRF risk.
A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The "delete badge alignment" functionality did not include the necessary token check to prevent a CSRF risk.
A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, ...