The link to reset all templates of a database activity did not include the necessary token to prevent a CSRF risk. This flaw affects Moodle versions 4.1 to 4.1.1. Reference: https://moodle.org/mod/forum/discuss.php?d=445067
Created moodle tracking bugs for this issue: Affects: epel-7 [bug 2180091] Affects: fedora-all [bug 2180090]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.