CVE-2024-38276

CVE-2024-38276: moodle: CSRF risks due to misuse of confirm_sesskey

Vendor Moodle
Product Moodle
Weakness CWE-352 · CSRF
Published June 18, 2024
Last update March 26, 2025

CVSS base score

What the vulnerability does

01Description

Incorrect CSRF token checks resulted in multiple CSRF risks.

Key dates

02Disclosure timeline

June 18, 2024 CVE published
March 26, 2025 Record updated