Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 647
CVE-2025-62396
An error-handling issue in the Moodle router (r.php) could cause the a ...
CVE-2025-62396
An error-handling issue in the Moodle router (r.php) could cause the application to display internal directory listings when specific HTTP headers were not properly configured.
CVE-2025-62395
A flaw in the cohort search web service allowed users with permissions ...
CVE-2025-62395
A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data.
CVE-2025-62394
Moodle failed to verify enrolment status correctly when sending quiz n ...
CVE-2025-62394
Moodle failed to verify enrolment status correctly when sending quiz notifications. As a result, suspended or inactive users might receive quiz-related messages, leaking limited course information.
CVE-2025-62393
A flaw was found in the course overview output function where user acc ...
CVE-2025-62393
A flaw was found in the course overview output function where user access permissions were not fully enforced. This could allow unauthorized users to view information about courses they should not have access to, potentially exposing limited course details.
CVE-2025-62396
An error-handling issue in the Moodle router (r.php) could cause the application to display internal directory listings when specific HTTP headers were not properly configured.
CVE-2025-62397
The router’s inconsistent response to invalid course IDs allowed attackers to infer which course IDs exist, potentially aiding reconnaissance.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2025-62396 An error-handling issue in the Moodle router (r.php) could cause the a ... | CVSS3: 5.3 | 0% Низкий | 4 месяца назад |
 | CVE-2025-62396 An error-handling issue in the Moodle router (r.php) could cause the application to display internal directory listings when specific HTTP headers were not properly configured. | CVSS3: 5.3 | 0% Низкий | 4 месяца назад |
| CVE-2025-62395 A flaw in the cohort search web service allowed users with permissions ... | CVSS3: 4.3 | 0% Низкий | 4 месяца назад |
| CVE-2025-62395 A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data. | CVSS3: 4.3 | 0% Низкий | 4 месяца назад |
| CVE-2025-62394 Moodle failed to verify enrolment status correctly when sending quiz n ... | CVSS3: 4.3 | 0% Низкий | 4 месяца назад |
| CVE-2025-62394 Moodle failed to verify enrolment status correctly when sending quiz notifications. As a result, suspended or inactive users might receive quiz-related messages, leaking limited course information. | CVSS3: 4.3 | 0% Низкий | 4 месяца назад |
| CVE-2025-62393 A flaw was found in the course overview output function where user acc ... | CVSS3: 4.3 | 0% Низкий | 4 месяца назад |
| CVE-2025-62393 A flaw was found in the course overview output function where user access permissions were not fully enforced. This could allow unauthorized users to view information about courses they should not have access to, potentially exposing limited course details. | CVSS3: 4.3 | 0% Низкий | 4 месяца назад |
 | CVE-2025-62396 An error-handling issue in the Moodle router (r.php) could cause the application to display internal directory listings when specific HTTP headers were not properly configured. | CVSS3: 5.3 | 0% Низкий | 4 месяца назад |
| CVE-2025-62397 The router’s inconsistent response to invalid course IDs allowed attackers to infer which course IDs exist, potentially aiding reconnaissance. | CVSS3: 5.3 | 0% Низкий | 4 месяца назад |
Уязвимостей на страницу