A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and previous versions unsupported versions. The "delete badge alignment" functionality did not include the necessary token check to prevent a CSRF risk.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
moodle moodle |