Moodle — система управления образовательными электронными курсами

Релизный цикл, информация об уязвимостях

Продукт: Moodle

Вендор: moodle

График релизов

Недавние уязвимости Moodle

Количество 2 541

CVE-2024-43437

12 месяцев назад

A flaw was found in moodle. Insufficient sanitizing of data when performing a restore could result in a cross-site scripting (XSS) risk from malicious backup files.

CVSS3: 5.4

EPSS: Низкий

GHSA-qrqv-26gf-xgwh

12 месяцев назад

Moodle LFI vulnerability when restoring malformed block backups

CVSS3: 7.5

EPSS: Низкий

GHSA-2r9m-wg35-rfvc

12 месяцев назад

Moodle vulnerable to cache poisoning via injection into storage

CVSS3: 7.7

EPSS: Низкий

GHSA-p9cx-f595-h79h

12 месяцев назад

Moodle's IDOR in Feedback non-respondents report allows messaging arbitrary site users

CVSS3: 7.5

EPSS: Низкий

GHSA-mx26-62xm-2p83

12 месяцев назад

Moodle vulnerable to site administration SQL injection via XMLDB editor

CVSS3: 7.2

EPSS: Низкий

GHSA-vjmm-r9gg-425m

12 месяцев назад

Moodle has arbitrary file read risk through pdfTeX

CVSS3: 7.5

EPSS: Низкий

GHSA-v6f4-v8h8-3c87

12 месяцев назад

Moodle Remote Code Execution vulnerability

CVSS3: 8.1

EPSS: Высокий

GHSA-wwjf-gwrv-wh45

12 месяцев назад

Moodle's IDOR in badges allows deletion of arbitrary badges

CVSS3: 7.5

EPSS: Низкий

GHSA-x87r-37q5-mmr8

12 месяцев назад

Moodle has CSRF risk in Feedback non-respondents report

CVSS3: 8.1

EPSS: Низкий

CVE-2024-43440

12 месяцев назад

A flaw was found in moodle. A local file may include risks when restoring block backups.

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2024-43437 A flaw was found in moodle. Insufficient sanitizing of data when performing a restore could result in a cross-site scripting (XSS) risk from malicious backup files.	CVSS3: 5.4	1% Низкий	12 месяцев назад
GHSA-qrqv-26gf-xgwh Moodle LFI vulnerability when restoring malformed block backups	CVSS3: 7.5	0% Низкий	12 месяцев назад
GHSA-2r9m-wg35-rfvc Moodle vulnerable to cache poisoning via injection into storage	CVSS3: 7.7	0% Низкий	12 месяцев назад
GHSA-p9cx-f595-h79h Moodle's IDOR in Feedback non-respondents report allows messaging arbitrary site users	CVSS3: 7.5	0% Низкий	12 месяцев назад
GHSA-mx26-62xm-2p83 Moodle vulnerable to site administration SQL injection via XMLDB editor	CVSS3: 7.2	0% Низкий	12 месяцев назад
GHSA-vjmm-r9gg-425m Moodle has arbitrary file read risk through pdfTeX	CVSS3: 7.5	1% Низкий	12 месяцев назад
GHSA-v6f4-v8h8-3c87 Moodle Remote Code Execution vulnerability	CVSS3: 8.1	90% Высокий	12 месяцев назад
GHSA-wwjf-gwrv-wh45 Moodle's IDOR in badges allows deletion of arbitrary badges	CVSS3: 7.5	0% Низкий	12 месяцев назад
GHSA-x87r-37q5-mmr8 Moodle has CSRF risk in Feedback non-respondents report	CVSS3: 8.1	0% Низкий	12 месяцев назад
CVE-2024-43440 A flaw was found in moodle. A local file may include risks when restoring block backups.	CVSS3: 7.5	0% Низкий	12 месяцев назад

Уязвимостей на страницу