EPSS
Percentile
52.7%
Moodle is vulnerable to cross-site request forgery (CSRF) attacks. Leveraging a flaw in mod/assign/adminmanageplugins.php, attackers can hijack the authentication of administrators through requests that manage the Assignment plugins.
mod/assign/adminmanageplugins.php
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-53031
www.openwall.com/lists/oss-security/2016/03/21/1
www.securitytracker.com/id/1035333
moodle.org/mod/forum/discuss.php?d=330179