Security Announcements

Picture of Helen Foster
MSA-09-0022: Multiple CSRF problems fixed
Topic: Multiple CSRF problems fixed
Severity/Risk: Major
Versions affected: <1.8.11 and <1.9.7
Reported by: internal code review
Issue no.: MDL-20705, MDL-20707, MDL-20706, MDL-20925, MDL-20929, MDL-20930, MDL-20931, MDL-20901
Solution: upgrade to 1.8.11 or 1.9.7
Workaround: none

We have discovered and fixed multiple cross site request forgery (CSRF) problems during internal code review.