Moodle — система управления образовательными электронными курсами

Релизный цикл, информация об уязвимостях

Продукт: Moodle

Вендор: moodle

График релизов

Недавние уязвимости Moodle

Количество 2 541

CVE-2019-10186

больше 6 лет назад

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. A sesskey (CSRF) token was not being utilised by the XML loading/unloading admin tool.

CVSS3: 8.8

EPSS: Низкий

CVE-2019-10189

больше 6 лет назад

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same assignment.

CVSS3: 4.3

EPSS: Низкий

CVE-2019-10187

больше 6 лет назад

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Users with permission to delete entries from a glossary were able to delete entries from other glossaries they did not have direct access to.

CVSS3: 4.3

EPSS: Низкий

CVE-2019-10188

больше 6 лет назад

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in a quiz group could modify group overrides for other groups in the same quiz.

CVSS3: 4.3

EPSS: Низкий

BDU:2020-02113

больше 6 лет назад

Уязвимость виртуальной обучающей среды moodle, связанная с недостатками контроля доступа, позволяющая нарушителю оказать воздействие на целостность защищаемой информации

CVSS3: 4.3

EPSS: Низкий

CVE-2019-10154

больше 6 лет назад

A flaw was found in Moodle before versions 3.7, 3.6.4. A web service fetching messages was not restricted to the current user's conversations.

CVSS3: 7.5

EPSS: Низкий

CVE-2019-10154

больше 6 лет назад

A flaw was found in Moodle before versions 3.7, 3.6.4. A web service f ...

CVSS3: 7.5

EPSS: Низкий

CVE-2019-10134

больше 6 лет назад

A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The size of users' private file uploads via email were not correctly checked, so their quota allowance could be exceeded.

CVSS3: 3.7

EPSS: Низкий

CVE-2019-10134

больше 6 лет назад

A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. ...

CVSS3: 3.7

EPSS: Низкий

CVE-2019-10133

больше 6 лет назад

A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The form to upload cohorts contained a redirect field, which was not restricted to internal URLs.

CVSS3: 3.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2019-10186 A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. A sesskey (CSRF) token was not being utilised by the XML loading/unloading admin tool.	CVSS3: 8.8	0% Низкий	больше 6 лет назад
CVE-2019-10189 A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same assignment.	CVSS3: 4.3	0% Низкий	больше 6 лет назад
CVE-2019-10187 A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Users with permission to delete entries from a glossary were able to delete entries from other glossaries they did not have direct access to.	CVSS3: 4.3	0% Низкий	больше 6 лет назад
CVE-2019-10188 A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in a quiz group could modify group overrides for other groups in the same quiz.	CVSS3: 4.3	0% Низкий	больше 6 лет назад
BDU:2020-02113 Уязвимость виртуальной обучающей среды moodle, связанная с недостатками контроля доступа, позволяющая нарушителю оказать воздействие на целостность защищаемой информации	CVSS3: 4.3	0% Низкий	больше 6 лет назад
CVE-2019-10154 A flaw was found in Moodle before versions 3.7, 3.6.4. A web service fetching messages was not restricted to the current user's conversations.	CVSS3: 7.5	0% Низкий	больше 6 лет назад
CVE-2019-10154 A flaw was found in Moodle before versions 3.7, 3.6.4. A web service f ...	CVSS3: 7.5	0% Низкий	больше 6 лет назад
CVE-2019-10134 A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The size of users' private file uploads via email were not correctly checked, so their quota allowance could be exceeded.	CVSS3: 3.7	0% Низкий	больше 6 лет назад
CVE-2019-10134 A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. ...	CVSS3: 3.7	0% Низкий	больше 6 лет назад
CVE-2019-10133 A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The form to upload cohorts contained a redirect field, which was not restricted to internal URLs.	CVSS3: 3.1	0% Низкий	больше 6 лет назад

Уязвимостей на страницу