Moodle — система управления образовательными электронными курсами

Релизный цикл, информация об уязвимостях

Продукт: Moodle

Вендор: moodle

График релизов

Недавние уязвимости Moodle

Количество 2 577

GHSA-x32v-7qw8-cpq8

больше 3 лет назад

Moodle Unauthenticated Access

CVSS3: 5.3

EPSS: Низкий

GHSA-69xm-pcg8-8qxm

больше 3 лет назад

In Moodle 2.x and 3.x, non-admin site managers may accidentally edit admins via web services.

CVSS3: 4.3

EPSS: Низкий

GHSA-gccq-w3xv-4gqh

больше 3 лет назад

Cross-site scripting (XSS) vulnerability in the get_description function in lib/classes/event/user_login_failed.php in Moodle 2.7.x before 2.7.1 allows remote attackers to inject arbitrary web script or HTML via a crafted username that is improperly handled during the logging of an invalid login attempt.

EPSS: Низкий

GHSA-xmwv-mqh8-4xgw

больше 3 лет назад

Moodle allows remote attackers to read arbitrary files

EPSS: Низкий

GHSA-3m99-h3hp-w9j7

больше 3 лет назад

Moodle remote code execution via quiz questions

EPSS: Низкий

GHSA-c4cq-v4wp-28hg

больше 3 лет назад

Moodle sensitive information disclosure

CVSS3: 5.4

EPSS: Низкий

GHSA-x47x-gxp5-7pvg

больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in admin/tool/task/scheduledtasks.php in Moodle 2.7.x before 2.7.1 allow remote attackers to inject arbitrary web script or HTML via vectors that trigger a crafted (1) error or (2) success message for a scheduled task.

EPSS: Низкий

GHSA-27j2-c838-c3qg

больше 3 лет назад

Moodle Arbitrary File Read via XML External Entity vulnerability

EPSS: Низкий

GHSA-fccf-p8fx-vjj4

больше 3 лет назад

Moodle vulnerable to PHP object injection attacks

EPSS: Низкий

GHSA-hwjv-mc78-cccj

больше 3 лет назад

Moodle multiple cross-site scripting (XSS) vulnerabilities

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
GHSA-x32v-7qw8-cpq8 Moodle Unauthenticated Access	CVSS3: 5.3	0% Низкий	больше 3 лет назад
GHSA-69xm-pcg8-8qxm In Moodle 2.x and 3.x, non-admin site managers may accidentally edit admins via web services.	CVSS3: 4.3	0% Низкий	больше 3 лет назад
GHSA-gccq-w3xv-4gqh Cross-site scripting (XSS) vulnerability in the get_description function in lib/classes/event/user_login_failed.php in Moodle 2.7.x before 2.7.1 allows remote attackers to inject arbitrary web script or HTML via a crafted username that is improperly handled during the logging of an invalid login attempt.		0% Низкий	больше 3 лет назад
GHSA-xmwv-mqh8-4xgw Moodle allows remote attackers to read arbitrary files		0% Низкий	больше 3 лет назад
GHSA-3m99-h3hp-w9j7 Moodle remote code execution via quiz questions		1% Низкий	больше 3 лет назад
GHSA-c4cq-v4wp-28hg Moodle sensitive information disclosure	CVSS3: 5.4	0% Низкий	больше 3 лет назад
GHSA-x47x-gxp5-7pvg Multiple cross-site scripting (XSS) vulnerabilities in admin/tool/task/scheduledtasks.php in Moodle 2.7.x before 2.7.1 allow remote attackers to inject arbitrary web script or HTML via vectors that trigger a crafted (1) error or (2) success message for a scheduled task.		0% Низкий	больше 3 лет назад
GHSA-27j2-c838-c3qg Moodle Arbitrary File Read via XML External Entity vulnerability		0% Низкий	больше 3 лет назад
GHSA-fccf-p8fx-vjj4 Moodle vulnerable to PHP object injection attacks		2% Низкий	больше 3 лет назад
GHSA-hwjv-mc78-cccj Moodle multiple cross-site scripting (XSS) vulnerabilities		0% Низкий	больше 3 лет назад

Уязвимостей на страницу