Actions in the admin management of analytics models did not include the necessary token to prevent a CSRF risk.
2024-05-31T21:15:09.743
2025-03-25T17:15:55.570
Modified
CVSSv3.1: 8.8 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | moodle | moodle | < 4.3.4 | Yes |
| Application | moodle | moodle | < 4.1.10 | Yes |
| Application | moodle | moodle | < 4.2.7 | Yes |