Moodle — система управления образовательными электронными курсами

Релизный цикл, информация об уязвимостях

Продукт: Moodle

Вендор: moodle

График релизов

Недавние уязвимости Moodle

Количество 2 541

GHSA-8jhp-2gcr-qw96

почти 4 года назад

Moodle vulnerable to RCE via unsafe deserialization

CVSS3: 9.8

EPSS: Низкий

GHSA-wpfp-q843-v772

почти 4 года назад

Cross-site Scripting in moodle

CVSS3: 6.1

EPSS: Низкий

CVE-2021-43560

почти 4 года назад

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action events.

CVSS3: 5.3

EPSS: Низкий

CVE-2021-43560

почти 4 года назад

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, ...

CVSS3: 5.3

EPSS: Низкий

CVE-2021-43559

почти 4 года назад

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. The "delete related badge" functionality did not include the necessary token check to prevent a CSRF risk.

CVSS3: 8.8

EPSS: Низкий

CVE-2021-43559

почти 4 года назад

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, ...

CVSS3: 8.8

EPSS: Низкий

CVE-2021-43558

почти 4 года назад

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A URL parameter in the filetype site administrator tool required extra sanitizing to prevent a reflected XSS risk.

CVSS3: 6.1

EPSS: Низкий

CVE-2021-43558

почти 4 года назад

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, ...

CVSS3: 6.1

EPSS: Низкий

CVE-2021-3943

почти 4 года назад

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A remote code execution risk when restoring backup files was identified.

CVSS3: 9.8

EPSS: Низкий

CVE-2021-3943

почти 4 года назад

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, ...

CVSS3: 9.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
GHSA-8jhp-2gcr-qw96 Moodle vulnerable to RCE via unsafe deserialization	CVSS3: 9.8	1% Низкий	почти 4 года назад
GHSA-wpfp-q843-v772 Cross-site Scripting in moodle	CVSS3: 6.1	1% Низкий	почти 4 года назад
CVE-2021-43560 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action events.	CVSS3: 5.3	0% Низкий	почти 4 года назад
CVE-2021-43560 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, ...	CVSS3: 5.3	0% Низкий	почти 4 года назад
CVE-2021-43559 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. The "delete related badge" functionality did not include the necessary token check to prevent a CSRF risk.	CVSS3: 8.8	0% Низкий	почти 4 года назад
CVE-2021-43559 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, ...	CVSS3: 8.8	0% Низкий	почти 4 года назад
CVE-2021-43558 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A URL parameter in the filetype site administrator tool required extra sanitizing to prevent a reflected XSS risk.	CVSS3: 6.1	1% Низкий	почти 4 года назад
CVE-2021-43558 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, ...	CVSS3: 6.1	1% Низкий	почти 4 года назад
CVE-2021-3943 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A remote code execution risk when restoring backup files was identified.	CVSS3: 9.8	1% Низкий	почти 4 года назад
CVE-2021-3943 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, ...	CVSS3: 9.8	1% Низкий	почти 4 года назад

Уязвимостей на страницу