Moodle — система управления образовательными электронными курсами

Moodle multiple cross-site request forgery (CSRF) vulnerabilities

Moodle multiple cross-site scripting (XSS) vulnerabilities

Moodle cross-site scripting (XSS) vulnerability

Moodle does not properly implement group-based access restrictions

Moodle mishandles group-based authorization checks

The Forum module in Moodle 2.7.x before 2.7.10 allows remote authenticated users to post to arbitrary groups by leveraging the teacher role, as demonstrated by a post directed to "all participants."

Moodle cross-site request forgery (CSRF) vulnerability

Moodle multiple cross-site scripting (XSS) vulnerabilities

Moodle allows attackers to enter additional answer attempts

Moodle uses predictable password-recovery tokens