Description
qdPM 9.2 allows Cross-Site Request Forgery (CSRF) via the index.php/myAccount/update URI.
Remediation
References
Related Vulnerabilities
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4297)
Drupal Core 8.x.x Information Disclosure (8.0.0 - 8.7.14)
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-10969)
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-33331)
WordPress Plugin Connections Business Directory Cross-Site Scripting (8.5.8)