Moodle — система управления образовательными электронными курсами

Релизный цикл, информация об уязвимостях

Продукт: Moodle

Вендор: moodle

График релизов

Недавние уязвимости Moodle

Количество 2 647

CVE-2021-43559

около 4 лет назад

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, ...

CVSS3: 8.8

EPSS: Низкий

CVE-2021-43558

около 4 лет назад

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A URL parameter in the filetype site administrator tool required extra sanitizing to prevent a reflected XSS risk.

CVSS3: 6.1

EPSS: Низкий

CVE-2021-43558

около 4 лет назад

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, ...

CVSS3: 6.1

EPSS: Низкий

CVE-2021-3943

около 4 лет назад

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A remote code execution risk when restoring backup files was identified.

CVSS3: 9.8

EPSS: Низкий

CVE-2021-3943

около 4 лет назад

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, ...

CVSS3: 9.8

EPSS: Низкий

CVE-2021-43560

около 4 лет назад

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action events.

CVSS3: 5.3

EPSS: Низкий

CVE-2021-43558

около 4 лет назад

CVSS3: 6.1

EPSS: Низкий

CVE-2021-43559

около 4 лет назад

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. The "delete related badge" functionality did not include the necessary token check to prevent a CSRF risk.

CVSS3: 8.8

EPSS: Низкий

CVE-2021-3943

около 4 лет назад

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A remote code execution risk when restoring backup files was identified.

CVSS3: 9.8

EPSS: Низкий

BDU:2021-06186

около 4 лет назад

Уязвимость системы управления Moodle, связанная с непринятием мер по защите структуры веб-страниц, позволяющая нарушителю осуществлять межсайтовые сценарные атаки (XSS)

CVSS3: 6.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2021-43559 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, ...	CVSS3: 8.8	0% Низкий	около 4 лет назад
CVE-2021-43558 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A URL parameter in the filetype site administrator tool required extra sanitizing to prevent a reflected XSS risk.	CVSS3: 6.1	0% Низкий	около 4 лет назад
CVE-2021-43558 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, ...	CVSS3: 6.1	0% Низкий	около 4 лет назад
CVE-2021-3943 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A remote code execution risk when restoring backup files was identified.	CVSS3: 9.8	1% Низкий	около 4 лет назад
CVE-2021-3943 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, ...	CVSS3: 9.8	1% Низкий	около 4 лет назад
CVE-2021-43560 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action events.	CVSS3: 5.3	0% Низкий	около 4 лет назад
CVE-2021-43558 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A URL parameter in the filetype site administrator tool required extra sanitizing to prevent a reflected XSS risk.	CVSS3: 6.1	0% Низкий	около 4 лет назад
CVE-2021-43559 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. The "delete related badge" functionality did not include the necessary token check to prevent a CSRF risk.	CVSS3: 8.8	0% Низкий	около 4 лет назад
CVE-2021-3943 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A remote code execution risk when restoring backup files was identified.	CVSS3: 9.8	1% Низкий	около 4 лет назад
BDU:2021-06186 Уязвимость системы управления Moodle, связанная с непринятием мер по защите структуры веб-страниц, позволяющая нарушителю осуществлять межсайтовые сценарные атаки (XSS)	CVSS3: 6.1	0% Низкий	около 4 лет назад

Уязвимостей на страницу