CVE-2021-43559

Summary

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. The "delete related badge" functionality did not include the necessary token check to prevent a CSRF risk.

Affected Software

VendorProductVersion RangeStatus
n/amoodlemoodle 3.11.4, moodle 3.10.8 and moodle 3.9.11affected

Weaknesses

  • CWE-352: CWE-352

ADP Enrichment

CVE Program Container

Additional References

References