Moodle is vulnerable to cross-site request forgery attacks. The vulnerability exists because the remove
option of the action related badges isn’t properly validated with an sesskey when removing the related action badges which allows an attacker to perform unauthenticated deletions of the action related badges.