Описание
A security vulnerability was found in Moodle where confidential information that prevents cross-site request forgery (CSRF) attacks was shared publicly through the site's URL. This vulnerability occurred specifically on two types of pages within the mod_data module: edit and delete pages.
EPSS
3.1 Low
CVSS3
Дефекты
Связанные уязвимости
A security vulnerability was found in Moodle where confidential information that prevents cross-site request forgery (CSRF) attacks was shared publicly through the site's URL. This vulnerability occurred specifically on two types of pages within the mod_data module: edit and delete pages.
A security vulnerability was found in Moodle where confidential inform ...
Moodle's mod_data edit/delete pages pass CSRF token in GET parameter
Уязвимость модуля mod_data виртуальной обучающей среды Moodle, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
3.1 Low
CVSS3