Moodle — система управления образовательными электронными курсами

Релизный цикл, информация об уязвимостях

Продукт: Moodle

Вендор: moodle

График релизов

Недавние уязвимости Moodle

Количество 2 541

GHSA-c9hq-g4q8-w893

больше 4 лет назад

Privilage Escalation in moodle

CVSS3: 5.3

EPSS: Низкий

GHSA-vxhx-gmhm-623c

больше 4 лет назад

Improper Access Control in moodle

CVSS3: 7.5

EPSS: Низкий

GHSA-7h8v-2v8x-h264

больше 4 лет назад

SQL Injection in moodle

CVSS3: 6.5

EPSS: Низкий

GHSA-x2jp-hh65-4xvf

больше 4 лет назад

Cross-site scripting (XSS) and Server side request forgery (SSRF) in moodle

CVSS3: 5.4

EPSS: Низкий

CVE-2019-14831

больше 4 лет назад

A vulnerability was found in Moodle 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where forum subscribe link contained an open redirect if forced subscription mode was enabled. If a forum's subscription mode was set to "forced subscription", the forum's subscribe link contained an open redirect.

CVSS3: 6.1

EPSS: Низкий

CVE-2019-14831

больше 4 лет назад

A vulnerability was found in Moodle 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to ...

CVSS3: 6.1

EPSS: Низкий

CVE-2019-14830

больше 4 лет назад

A vulnerability was found in Moodle 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where the mobile launch endpoint contained an open redirect in some circumstances, which could result in a user's mobile access token being exposed. (Note: This does not affect sites with a forced URL scheme configured, mobile service disabled, or where the mobile app login method is "via the app").

CVSS3: 6.1

EPSS: Низкий

CVE-2019-14830

больше 4 лет назад

A vulnerability was found in Moodle 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to ...

CVSS3: 6.1

EPSS: Низкий

CVE-2019-14829

больше 4 лет назад

A vulnerability was found in Moodle affection 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions where activity creation capabilities were not correctly respected when selecting the activity to use for a course in single activity mode.

CVSS3: 4.3

EPSS: Низкий

CVE-2019-14829

больше 4 лет назад

A vulnerability was found in Moodle affection 3.7 to 3.7.1, 3.6 to 3.6 ...

CVSS3: 4.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
GHSA-c9hq-g4q8-w893 Privilage Escalation in moodle	CVSS3: 5.3	0% Низкий	больше 4 лет назад
GHSA-vxhx-gmhm-623c Improper Access Control in moodle	CVSS3: 7.5	0% Низкий	больше 4 лет назад
GHSA-7h8v-2v8x-h264 SQL Injection in moodle	CVSS3: 6.5	0% Низкий	больше 4 лет назад
GHSA-x2jp-hh65-4xvf Cross-site scripting (XSS) and Server side request forgery (SSRF) in moodle	CVSS3: 5.4	1% Низкий	больше 4 лет назад
CVE-2019-14831 A vulnerability was found in Moodle 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where forum subscribe link contained an open redirect if forced subscription mode was enabled. If a forum's subscription mode was set to "forced subscription", the forum's subscribe link contained an open redirect.	CVSS3: 6.1	0% Низкий	больше 4 лет назад
CVE-2019-14831 A vulnerability was found in Moodle 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to ...	CVSS3: 6.1	0% Низкий	больше 4 лет назад
CVE-2019-14830 A vulnerability was found in Moodle 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where the mobile launch endpoint contained an open redirect in some circumstances, which could result in a user's mobile access token being exposed. (Note: This does not affect sites with a forced URL scheme configured, mobile service disabled, or where the mobile app login method is "via the app").	CVSS3: 6.1	1% Низкий	больше 4 лет назад
CVE-2019-14830 A vulnerability was found in Moodle 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to ...	CVSS3: 6.1	1% Низкий	больше 4 лет назад
CVE-2019-14829 A vulnerability was found in Moodle affection 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions where activity creation capabilities were not correctly respected when selecting the activity to use for a course in single activity mode.	CVSS3: 4.3	0% Низкий	больше 4 лет назад
CVE-2019-14829 A vulnerability was found in Moodle affection 3.7 to 3.7.1, 3.6 to 3.6 ...	CVSS3: 4.3	0% Низкий	больше 4 лет назад

Уязвимостей на страницу