moodle/moodle is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to the admin management of analytics models, which fails to prevent CSRF risks because it does not include the necessary token.
CPE | Name | Operator | Version |
---|---|---|---|
moodle/moodle | le | v4.3.3 | |
moodle/moodle | le | v4.1.9 | |
moodle/moodle | le | v4.2.6 | |
moodle/moodle | le | v4.3.3 | |
moodle/moodle | le | v4.1.9 | |
moodle/moodle | le | v4.2.6 |