Headline
CVE-2023-28335
The link to reset all templates of a database activity did not include the necessary token to prevent a CSRF risk.
Related news
GHSA-wxmq-v9gx-75pg: Moodle vulnerable to Cross-site Request Forgery
The link to reset all templates of a database activity did not include the necessary token to prevent a CSRF risk.