Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 643
GHSA-m58f-9pvv-8mp2
Moodle vulnerable to brute-force password guesses
GHSA-c5cj-xp43-qcc3
Moodle's error handling leads to sensitive information disclosure
GHSA-w29j-8phw-ffjf
Moodle has a time restriction bypass
GHSA-422v-w6c5-vq42
Moodle exposed the names of hidden groups to users
GHSA-25wf-7x6c-wmpf
Moodle does not properly enforce MFA
GHSA-rc65-mhj4-hp4r
The router’s inconsistent response to invalid course IDs allowed attackers to infer which course IDs exist, potentially aiding reconnaissance.
GHSA-8fcv-4qp9-pg32
Moodle sends quiz-related messages to inactive/suspended users
GHSA-rjcm-7v2p-9265
Moodle course access permissions are not properly checked in course_output_fragment_course_overview
GHSA-7f5w-xxw9-mqgp
A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data.
CVE-2025-62401
An issue in Moodle’s timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-m58f-9pvv-8mp2 Moodle vulnerable to brute-force password guesses | CVSS3: 7.5 | 0% Низкий | около 2 месяцев назад |
| GHSA-c5cj-xp43-qcc3 Moodle's error handling leads to sensitive information disclosure | CVSS3: 5.3 | 0% Низкий | около 2 месяцев назад |
| GHSA-w29j-8phw-ffjf Moodle has a time restriction bypass | CVSS3: 5.4 | 0% Низкий | около 2 месяцев назад |
| GHSA-422v-w6c5-vq42 Moodle exposed the names of hidden groups to users | CVSS3: 4.3 | 0% Низкий | около 2 месяцев назад |
| GHSA-25wf-7x6c-wmpf Moodle does not properly enforce MFA | CVSS3: 5.3 | 0% Низкий | около 2 месяцев назад |
| GHSA-rc65-mhj4-hp4r The router’s inconsistent response to invalid course IDs allowed attackers to infer which course IDs exist, potentially aiding reconnaissance. | CVSS3: 5.3 | 0% Низкий | около 2 месяцев назад |
| GHSA-8fcv-4qp9-pg32 Moodle sends quiz-related messages to inactive/suspended users | CVSS3: 4.3 | 0% Низкий | около 2 месяцев назад |
| GHSA-rjcm-7v2p-9265 Moodle course access permissions are not properly checked in course_output_fragment_course_overview | CVSS3: 4.3 | 0% Низкий | около 2 месяцев назад |
| GHSA-7f5w-xxw9-mqgp A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data. | CVSS3: 4.3 | 0% Низкий | около 2 месяцев назад |
 | CVE-2025-62401 An issue in Moodle’s timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment. | CVSS3: 5.4 | 0% Низкий | около 2 месяцев назад |
Уязвимостей на страницу