moodle is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability exists in the resetalltemplates
parameter of action_bar.php
because the CSRF token was not properly validated, which allows an attacker to access sensitive information and reset all the database activity templates.
CPE | Name | Operator | Version |
---|---|---|---|
moodle/moodle | le | v4.1.1 | |
moodle/moodle | le | v4.1.1 |