Security
Source: moodle.org
Published:
<p>Insufficient CSRF token and capability checks were applied to an MNet admin setting.</p> <p>The upstream AWS SDK for PHP library was upgraded, which included a security fix.</p> <p>The grade penalty rules reset function did not include the necessary token to prevent a CSRF risk.</p> <p>The PHPUni