The link to reset all templates of a database activity did not include the necessary token to prevent a CSRF risk.
2023-03-23T21:15:20.257
2024-11-21T07:54:52.253
Modified
CVSSv3.1: 8.8 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | moodle | moodle | 4.1.0 | Yes |
| Application | moodle | moodle | 4.1.1 | Yes |