Vulnerabilities > CVE-2024-43434 - Unspecified vulnerability in Moodle

047910
CVSS 8.1 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
NONE
network
low complexity
moodle
NVD
Published: 2024-11-07
Updated: 2025-05-01

Summary

The bulk message sending feature in Moodle's Feedback module's non-respondents report had an incorrect CSRF token check, leading to a CSRF vulnerability.

Vulnerable Configurations

Part Description Count
Application
Moodle
488

References