Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 541
CVE-2019-10186
A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. A sesskey (CSRF) token was not being utilised by the XML loading/unloading admin tool.
CVE-2019-10189
A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same assignment.
CVE-2019-10187
A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Users with permission to delete entries from a glossary were able to delete entries from other glossaries they did not have direct access to.
CVE-2019-10188
A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in a quiz group could modify group overrides for other groups in the same quiz.
BDU:2020-02113
Уязвимость виртуальной обучающей среды moodle, связанная с недостатками контроля доступа, позволяющая нарушителю оказать воздействие на целостность защищаемой информации
CVE-2019-10154
A flaw was found in Moodle before versions 3.7, 3.6.4. A web service fetching messages was not restricted to the current user's conversations.
CVE-2019-10154
A flaw was found in Moodle before versions 3.7, 3.6.4. A web service f ...
CVE-2019-10134
A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The size of users' private file uploads via email were not correctly checked, so their quota allowance could be exceeded.
CVE-2019-10134
A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. ...
CVE-2019-10133
A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The form to upload cohorts contained a redirect field, which was not restricted to internal URLs.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2019-10186 A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. A sesskey (CSRF) token was not being utilised by the XML loading/unloading admin tool. | CVSS3: 8.8 | 0% Низкий | около 6 лет назад |
| CVE-2019-10189 A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same assignment. | CVSS3: 4.3 | 0% Низкий | около 6 лет назад |
| CVE-2019-10187 A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Users with permission to delete entries from a glossary were able to delete entries from other glossaries they did not have direct access to. | CVSS3: 4.3 | 0% Низкий | около 6 лет назад |
| CVE-2019-10188 A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in a quiz group could modify group overrides for other groups in the same quiz. | CVSS3: 4.3 | 0% Низкий | около 6 лет назад |
 | BDU:2020-02113 Уязвимость виртуальной обучающей среды moodle, связанная с недостатками контроля доступа, позволяющая нарушителю оказать воздействие на целостность защищаемой информации | CVSS3: 4.3 | 0% Низкий | около 6 лет назад |
 | CVE-2019-10154 A flaw was found in Moodle before versions 3.7, 3.6.4. A web service fetching messages was not restricted to the current user's conversations. | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2019-10154 A flaw was found in Moodle before versions 3.7, 3.6.4. A web service f ... | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2019-10134 A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The size of users' private file uploads via email were not correctly checked, so their quota allowance could be exceeded. | CVSS3: 3.7 | 0% Низкий | около 6 лет назад |
| CVE-2019-10134 A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. ... | CVSS3: 3.7 | 0% Низкий | около 6 лет назад |
| CVE-2019-10133 A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The form to upload cohorts contained a redirect field, which was not restricted to internal URLs. | CVSS3: 3.1 | 0% Низкий | около 6 лет назад |
Уязвимостей на страницу