Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 647
CVE-2017-7491
In Moodle 2.x and 3.x, a CSRF attack is possible that allows attackers ...
CVE-2017-7490
In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because a capability check is missing.
CVE-2017-7490
In Moodle 2.x and 3.x, searching of arbitrary blogs is possible becaus ...
CVE-2017-7489
In Moodle 2.x and 3.x, remote authenticated users can take ownership of arbitrary blogs by editing an external blog link.
CVE-2017-7489
In Moodle 2.x and 3.x, remote authenticated users can take ownership o ...
CVE-2017-7491
In Moodle 2.x and 3.x, a CSRF attack is possible that allows attackers to change the "number of courses displayed in the course overview block" configuration setting.
CVE-2017-7490
In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because a capability check is missing.
CVE-2017-7489
In Moodle 2.x and 3.x, remote authenticated users can take ownership of arbitrary blogs by editing an external blog link.
CVE-2016-3734
Cross-site request forgery (CSRF) vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that marks forum posts as read.
CVE-2016-3734
Cross-site request forgery (CSRF) vulnerability in markposts.php in Mo ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2017-7491 In Moodle 2.x and 3.x, a CSRF attack is possible that allows attackers ... | CVSS3: 4.3 | 0% Низкий | больше 8 лет назад |
 | CVE-2017-7490 In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because a capability check is missing. | CVSS3: 5.3 | 0% Низкий | больше 8 лет назад |
| CVE-2017-7490 In Moodle 2.x and 3.x, searching of arbitrary blogs is possible becaus ... | CVSS3: 5.3 | 0% Низкий | больше 8 лет назад |
| CVE-2017-7489 In Moodle 2.x and 3.x, remote authenticated users can take ownership of arbitrary blogs by editing an external blog link. | CVSS3: 6.3 | 0% Низкий | больше 8 лет назад |
| CVE-2017-7489 In Moodle 2.x and 3.x, remote authenticated users can take ownership o ... | CVSS3: 6.3 | 0% Низкий | больше 8 лет назад |
 | CVE-2017-7491 In Moodle 2.x and 3.x, a CSRF attack is possible that allows attackers to change the "number of courses displayed in the course overview block" configuration setting. | CVSS3: 4.3 | 0% Низкий | больше 8 лет назад |
| CVE-2017-7490 In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because a capability check is missing. | CVSS3: 5.3 | 0% Низкий | больше 8 лет назад |
| CVE-2017-7489 In Moodle 2.x and 3.x, remote authenticated users can take ownership of arbitrary blogs by editing an external blog link. | CVSS3: 6.3 | 0% Низкий | больше 8 лет назад |
| CVE-2016-3734 Cross-site request forgery (CSRF) vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that marks forum posts as read. | CVSS3: 8.8 | 0% Низкий | почти 9 лет назад |
| CVE-2016-3734 Cross-site request forgery (CSRF) vulnerability in markposts.php in Mo ... | CVSS3: 8.8 | 0% Низкий | почти 9 лет назад |
Уязвимостей на страницу