CVE-2021-43559
packagist/moodle/moodle
Cross-Site Request Forgery (CSRF)
The delete related badge
functionality does not include the necessary token check to prevent a CSRF risk.
All versions up to 3.8.8, all versions starting from 3.9.0 before 3.9.11, all versions starting from 3.10.0 before 3.10.8, all versions starting from 3.11.0 before 3.11.4
Upgrade to versions 3.8.9, 3.9.11, 3.10.8, 3.11.4 or above.
2021-11-30
source |