Moodle · Moodle · CVE-2019-10186
Name of the Vulnerable Software and Affected Versions:
Moodle versions prior to 3.7.1
Moodle versions prior to 3.6.5
Moodle versions prior to 3.5.7
Description:
A flaw was found in the XML loading/unloading admin tool where a sesskey (CSRF) token was not being utilized.
Recommendations:
For versions prior to 3.7.1, update to version 3.7.1 or later.
For versions prior to 3.6.5, update to version 3.6.5 or later.
For versions prior to 3.5.7, update to version 3.5.7 or later.