Description
The link to update all installed language packs did not include the necessary token to prevent a CSRF risk.
Remediation
References
Related Vulnerabilities
Moodle Incorrect Authorization Vulnerability (CVE-2022-0984)
WordPress Plugin GN Publisher: Google News Compatible RSS Feeds Cross-Site Scripting (1.5.5)
MySQL CVE-2021-2194 Vulnerability (CVE-2021-2194)
WordPress Plugin WP Hotel Booking Cross-Site Request Forgery (1.10.1)
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2026-29169)