A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. The "delete related badge" functionality did not include the necessary token check to prevent a CSRF risk.
Vulnerable Product |
---|
moodle moodle |
fedoraproject fedora 35 |
fedoraproject extra packages for enterprise linux 7.0 |