CVE-2022-0335
N/A
N/A
Summary
A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The "delete badge alignment" functionality did not include the necessary token check to prevent a CSRF risk.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | moodle | moodle 3.11.5, moodle 3.10.9 and moodle 3.9.12 | affected |
Weaknesses
- CWE-352: CWE-352
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.redhat.com/show_bug.cgi?id=2043666
- https://moodle.org/mod/forum/discuss.php?d=431103
References
- https://bugzilla.redhat.com/show_bug.cgi?id=2043666
- https://moodle.org/mod/forum/discuss.php?d=431103
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.