The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF.
CPE | Name | Operator | Version |
---|---|---|---|
moodle/moodle | eq | 4.3.3 | |
moodle/moodle | eq | 4.3.1 | |
moodle/moodle | eq | 4.3.2 | |
moodle/moodle | eq | 4.3.0 |