vulnerability
Moodle: Cross-Site Request Forgery (CSRF) (CVE-2024-34007)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | May 31, 2024 | Jun 3, 2025 | Aug 1, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
May 31, 2024
Added
Jun 3, 2025
Modified
Aug 1, 2025
Description
The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF.
Solution
moodle-upgrade-4_3_4
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.