Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 647
CVE-2025-62401
An issue in Moodle\u2019s timed assignment feature allowed students to ...
CVE-2025-62401
An issue in Moodle’s timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment.
CVE-2025-62400
Moodle exposed the names of hidden groups to users who had permission ...
CVE-2025-62400
Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information.
CVE-2025-62399
Moodle\u2019s mobile and web service authentication endpoints did not ...
CVE-2025-62399
Moodle’s mobile and web service authentication endpoints did not sufficiently restrict repeated password attempts, making them susceptible to brute-force attacks.
CVE-2025-62398
A serious authentication flaw allowed attackers with valid credentials ...
CVE-2025-62398
A serious authentication flaw allowed attackers with valid credentials to bypass multi-factor authentication under certain conditions, potentially compromising user accounts.
CVE-2025-62397
The router\u2019s inconsistent response to invalid course IDs allowed ...
CVE-2025-62397
The router’s inconsistent response to invalid course IDs allowed attackers to infer which course IDs exist, potentially aiding reconnaissance.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2025-62401 An issue in Moodle\u2019s timed assignment feature allowed students to ... | CVSS3: 5.4 | 0% Низкий | 3 месяца назад |
 | CVE-2025-62401 An issue in Moodle’s timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment. | CVSS3: 5.4 | 0% Низкий | 3 месяца назад |
| CVE-2025-62400 Moodle exposed the names of hidden groups to users who had permission ... | CVSS3: 4.3 | 0% Низкий | 3 месяца назад |
| CVE-2025-62400 Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information. | CVSS3: 4.3 | 0% Низкий | 3 месяца назад |
| CVE-2025-62399 Moodle\u2019s mobile and web service authentication endpoints did not ... | CVSS3: 7.5 | 0% Низкий | 3 месяца назад |
| CVE-2025-62399 Moodle’s mobile and web service authentication endpoints did not sufficiently restrict repeated password attempts, making them susceptible to brute-force attacks. | CVSS3: 7.5 | 0% Низкий | 3 месяца назад |
| CVE-2025-62398 A serious authentication flaw allowed attackers with valid credentials ... | CVSS3: 5.4 | 0% Низкий | 3 месяца назад |
| CVE-2025-62398 A serious authentication flaw allowed attackers with valid credentials to bypass multi-factor authentication under certain conditions, potentially compromising user accounts. | CVSS3: 5.4 | 0% Низкий | 3 месяца назад |
| CVE-2025-62397 The router\u2019s inconsistent response to invalid course IDs allowed ... | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
| CVE-2025-62397 The router’s inconsistent response to invalid course IDs allowed attackers to infer which course IDs exist, potentially aiding reconnaissance. | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
Уязвимостей на страницу