Lucene search
GoogleOSV:GHSA-3JRJ-X6CJ-97CPHistoryMay 24, 2022 - 7:21 p.m.
Moodle contains CSRF vulnerability
2022-05-2419:21:11
Google
osv.dev
8
moodle
csrf
vulnerability
versions
3.9
3.11.3
token check
EPSS
0.001
Percentile
31.5%
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. The “delete related badge” functionality did not include the necessary token check to prevent a CSRF risk.
Related
cve
cve
CVE-2021-43559
2021-11-22 16:15:08
cvelist
cvelist
CVE-2021-43559
2021-11-22 16:00:05
prion
prion
Cross site request forgery (csrf)
2021-11-22 16:15:00
cnvd
cnvd
Moodle Cross-Site Request Forgery Vulnerability (CNVD-2021-92541)
2021-11-17 00:00:00
osv
osv
BIT-moodle-2021-43559
2024-03-06 11:06:35
CVE-2021-43559
2021-11-22 16:15:08
ubuntucve
ubuntucve
CVE-2021-43559
2021-11-22 00:00:00
github
github
Moodle contains CSRF vulnerability
2022-05-24 19:21:11
veracode
veracode
Cross-Site Request Forgery (CSRF)
2021-11-23 10:49:34
nvd
nvd
CVE-2021-43559
2021-11-22 16:15:08
nessus
nessus
Moodle 3.11.x < 3.11.4 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 3.9.x < 3.9.11 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 3.10.x < 3.10.8 Multiple Vulnerabilities
2023-02-20 00:00:00
openvas
openvas
Moodle < 3.9.11, 3.10.x < 3.10.8, 3.11.x < 3.11.4 Multiple Vulnerabilities
2021-11-23 00:00:00