3 matches found
CVE-2023-28335
The link to reset all templates of a database activity did not include the necessary token to prevent a CSRF risk...
CVE-2023-28335
The link to reset all templates of a database activity did not include the necessary token to prevent a CSRF risk...
CVE-2023-28335
CVE-2023-28335 describes a CSRF risk in Moodle where the link to reset all templates of a database activity did not include the necessary token. Connected sources (OSV, GHSA, NVD/NASL) confirm a cross-site request forgery issue without publicly documented patches in the provided materials. The ex...