Moodle is vulnerable to multiple cross-site request forgery (CSRF) attacks. The attacks exist because mod/assign/locallib.php
does not properly handle session checking in Assignment’s quick-grading, allowing any authenticated user to perform the attacks.