CVE-2019-10186
Moodle CVE-2019-10186 affects Moodle installations prior to 3.7.1, 3.6.5, and 3.5.7. The root cause is that a sesskey CSRF token was not utilized by the XML loading/unloading admin tool, enabling CSRF-related risk. Impact is described as partial confidentiality, integrity, and availability concer...