Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 535
CVE-2023-5541
The CSV grade import method contained an XSS risk for users importing ...
CVE-2023-5540
A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers.
CVE-2023-5540
A remote code execution risk was identified in the IMSCP activity. By ...
CVE-2023-5539
A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers.
CVE-2023-5539
A remote code execution risk was identified in the Lesson activity. By ...
CVE-2023-5542
Students in "Only see own membership" groups could see other students in the group, which should be hidden.
CVE-2023-5541
The CSV grade import method contained an XSS risk for users importing the spreadsheet, if it contained unsafe content.
CVE-2023-5539
A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers.
CVE-2023-5550
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution.
CVE-2023-5546
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2023-5541 The CSV grade import method contained an XSS risk for users importing ... | CVSS3: 3.3 | 0% Низкий | почти 2 года назад |
 | CVE-2023-5540 A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers. | CVSS3: 4.7 | 2% Низкий | почти 2 года назад |
| CVE-2023-5540 A remote code execution risk was identified in the IMSCP activity. By ... | CVSS3: 4.7 | 2% Низкий | почти 2 года назад |
| CVE-2023-5539 A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers. | CVSS3: 4.7 | 2% Низкий | почти 2 года назад |
| CVE-2023-5539 A remote code execution risk was identified in the Lesson activity. By ... | CVSS3: 4.7 | 2% Низкий | почти 2 года назад |
 | CVE-2023-5542 Students in "Only see own membership" groups could see other students in the group, which should be hidden. | CVSS3: 3.3 | 0% Низкий | почти 2 года назад |
| CVE-2023-5541 The CSV grade import method contained an XSS risk for users importing the spreadsheet, if it contained unsafe content. | CVSS3: 3.3 | 0% Низкий | почти 2 года назад |
| CVE-2023-5539 A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers. | CVSS3: 4.7 | 2% Низкий | почти 2 года назад |
| CVE-2023-5550 In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution. | CVSS3: 6.5 | 1% Низкий | почти 2 года назад |
| CVE-2023-5546 ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. | CVSS3: 4.3 | 1% Низкий | почти 2 года назад |
Уязвимостей на страницу