Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 647
GHSA-q99x-mjmh-v8w7
Moodle's user/power level management inconsistent with suspended users
GHSA-vpq5-56jj-vf2m
Moodle admin presets export tool includes some secrets that should not be exported
GHSA-jpf2-9ppp-2c49
Moodle has insufficient access control
GHSA-4gq2-x5w4-7hp8
Moodle has insufficient capability checks
GHSA-c767-4whh-v7rw
Moodle has user information visibility control issues in gradebook reports
CVE-2024-43437
A flaw was found in moodle. Insufficient sanitizing of data when performing a restore could result in a cross-site scripting (XSS) risk from malicious backup files.
CVE-2024-43437
A flaw was found in moodle. Insufficient sanitizing of data when perfo ...
CVE-2024-43435
A flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary.
CVE-2024-43435
A flaw was found in moodle. Insufficient capability checks make it pos ...
CVE-2024-43433
A flaw was found in moodle. Matrix room membership and power levels are incorrectly applied and revoked for suspended Moodle users.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-q99x-mjmh-v8w7 Moodle's user/power level management inconsistent with suspended users | CVSS3: 5.3 | 0% Низкий | около 1 года назад |
| GHSA-vpq5-56jj-vf2m Moodle admin presets export tool includes some secrets that should not be exported | CVSS3: 3.7 | 0% Низкий | около 1 года назад |
| GHSA-jpf2-9ppp-2c49 Moodle has insufficient access control | CVSS3: 5.3 | 0% Низкий | около 1 года назад |
| GHSA-4gq2-x5w4-7hp8 Moodle has insufficient capability checks | CVSS3: 5.3 | 1% Низкий | около 1 года назад |
| GHSA-c767-4whh-v7rw Moodle has user information visibility control issues in gradebook reports | CVSS3: 5.3 | 0% Низкий | около 1 года назад |
 | CVE-2024-43437 A flaw was found in moodle. Insufficient sanitizing of data when performing a restore could result in a cross-site scripting (XSS) risk from malicious backup files. | CVSS3: 5.4 | 1% Низкий | около 1 года назад |
| CVE-2024-43437 A flaw was found in moodle. Insufficient sanitizing of data when perfo ... | CVSS3: 5.4 | 1% Низкий | около 1 года назад |
| CVE-2024-43435 A flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary. | CVSS3: 5.3 | 1% Низкий | около 1 года назад |
| CVE-2024-43435 A flaw was found in moodle. Insufficient capability checks make it pos ... | CVSS3: 5.3 | 1% Низкий | около 1 года назад |
| CVE-2024-43433 A flaw was found in moodle. Matrix room membership and power levels are incorrectly applied and revoked for suspended Moodle users. | CVSS3: 5.3 | 0% Низкий | около 1 года назад |
Уязвимостей на страницу