Moodle vulnerable to Cross-site Request Forgery
High severity
GitHub Reviewed
Published
Mar 23, 2023
to the GitHub Advisory Database
•
Updated Apr 29, 2024
Description
Published by the National Vulnerability Database
Mar 23, 2023
Published to the GitHub Advisory Database
Mar 23, 2023
Reviewed
Mar 23, 2023
Last updated
Apr 29, 2024
The link to reset all templates of a database activity did not include the necessary token to prevent a CSRF risk.
References