Moodle Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2019-10186 - Vulnerability Database

Moodle Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2019-10186

High

Reference: CVE-2019-10186

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2019-10186

Title: Moodle Cross-Site Request Forgery (CSRF) Vulnerability

Overview:

A flaw was found in moodle before versions 3.7.1 3.6.5 3.5.7. A sesskey (CSRF) token was not being utilised by the XML loading/unloading admin tool.