Moodle — система управления образовательными электронными курсами

Релизный цикл, информация об уязвимостях

Продукт: Moodle

Вендор: moodle

График релизов

Недавние уязвимости Moodle

Количество 2 541

CVE-2017-7531

больше 8 лет назад

In Moodle 3.3, the course overview block reveals activities in hidden courses.

CVSS3: 4.3

EPSS: Низкий

CVE-2017-7532

больше 8 лет назад

In Moodle 3.x, course creators are able to change system default settings for courses.

CVSS3: 6.5

EPSS: Низкий

CVE-2017-2642

больше 8 лет назад

Moodle 3.x has user fullname disclosure on the user preferences page.

CVSS3: 6.5

EPSS: Низкий

CVE-2017-7491

больше 8 лет назад

In Moodle 2.x and 3.x, a CSRF attack is possible that allows attackers to change the "number of courses displayed in the course overview block" configuration setting.

CVSS3: 4.3

EPSS: Низкий

CVE-2017-7491

больше 8 лет назад

In Moodle 2.x and 3.x, a CSRF attack is possible that allows attackers ...

CVSS3: 4.3

EPSS: Низкий

CVE-2017-7490

больше 8 лет назад

In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because a capability check is missing.

CVSS3: 5.3

EPSS: Низкий

CVE-2017-7490

больше 8 лет назад

In Moodle 2.x and 3.x, searching of arbitrary blogs is possible becaus ...

CVSS3: 5.3

EPSS: Низкий

CVE-2017-7489

больше 8 лет назад

In Moodle 2.x and 3.x, remote authenticated users can take ownership of arbitrary blogs by editing an external blog link.

CVSS3: 6.3

EPSS: Низкий

CVE-2017-7489

больше 8 лет назад

In Moodle 2.x and 3.x, remote authenticated users can take ownership o ...

CVSS3: 6.3

EPSS: Низкий

CVE-2017-7489

больше 8 лет назад

In Moodle 2.x and 3.x, remote authenticated users can take ownership of arbitrary blogs by editing an external blog link.

CVSS3: 6.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2017-7531 In Moodle 3.3, the course overview block reveals activities in hidden courses.	CVSS3: 4.3	0% Низкий	больше 8 лет назад
CVE-2017-7532 In Moodle 3.x, course creators are able to change system default settings for courses.	CVSS3: 6.5	0% Низкий	больше 8 лет назад
CVE-2017-2642 Moodle 3.x has user fullname disclosure on the user preferences page.	CVSS3: 6.5	0% Низкий	больше 8 лет назад
CVE-2017-7491 In Moodle 2.x and 3.x, a CSRF attack is possible that allows attackers to change the "number of courses displayed in the course overview block" configuration setting.	CVSS3: 4.3	0% Низкий	больше 8 лет назад
CVE-2017-7491 In Moodle 2.x and 3.x, a CSRF attack is possible that allows attackers ...	CVSS3: 4.3	0% Низкий	больше 8 лет назад
CVE-2017-7490 In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because a capability check is missing.	CVSS3: 5.3	0% Низкий	больше 8 лет назад
CVE-2017-7490 In Moodle 2.x and 3.x, searching of arbitrary blogs is possible becaus ...	CVSS3: 5.3	0% Низкий	больше 8 лет назад
CVE-2017-7489 In Moodle 2.x and 3.x, remote authenticated users can take ownership of arbitrary blogs by editing an external blog link.	CVSS3: 6.3	0% Низкий	больше 8 лет назад
CVE-2017-7489 In Moodle 2.x and 3.x, remote authenticated users can take ownership o ...	CVSS3: 6.3	0% Низкий	больше 8 лет назад
CVE-2017-7489 In Moodle 2.x and 3.x, remote authenticated users can take ownership of arbitrary blogs by editing an external blog link.	CVSS3: 6.3	0% Низкий	больше 8 лет назад

Уязвимостей на страницу