What the vulnerability does

01Description

A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The "delete badge alignment" functionality did not include the necessary token check to prevent a CSRF risk.

Key dates

02Disclosure timeline

January 25, 2022 CVE published
August 2, 2024 Record updated

Related vulnerabilities

04Related CVE