Moodle — система управления образовательными электронными курсами

Релизный цикл, информация об уязвимостях

Продукт: Moodle

Вендор: moodle

График релизов

Недавние уязвимости Moodle

Количество 2 470

CVE-2021-36397

больше 2 лет назад

In Moodle, insufficient capability checks meant message deletions were not limited to the current user.

CVSS3: 5.3

EPSS: Низкий

CVE-2021-36397

больше 2 лет назад

In Moodle, insufficient capability checks meant message deletions were ...

CVSS3: 5.3

EPSS: Низкий

CVE-2021-36400

больше 2 лет назад

In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions.

CVSS3: 5.3

EPSS: Низкий

CVE-2021-36401

больше 2 лет назад

In Moodle, ID numbers exported in HTML data formats required additional sanitizing to prevent a local stored XSS risk.

CVSS3: 4.8

EPSS: Низкий

CVE-2021-36398

больше 2 лет назад

In moodle, ID numbers displayed in the web service token list required additional sanitizing to prevent a stored XSS risk.

CVSS3: 5.4

EPSS: Низкий

CVE-2021-36397

больше 2 лет назад

In Moodle, insufficient capability checks meant message deletions were not limited to the current user.

CVSS3: 5.3

EPSS: Низкий

CVE-2021-36399

больше 2 лет назад

In Moodle, ID numbers displayed in the quiz override screens required additional sanitizing to prevent a stored XSS risk.

CVSS3: 5.4

EPSS: Низкий

GHSA-273w-7fxj-pcp6

больше 2 лет назад

Moodle vulnerable to Uncontrolled Resource Consumption

CVSS3: 7.5

EPSS: Низкий

GHSA-4rmj-w58m-fvch

больше 2 лет назад

Moodle vulnerable to Server-Side Request Forgery

CVSS3: 7.5

EPSS: Низкий

GHSA-f46j-r7q3-6cm2

больше 2 лет назад

Moodle SQL Injection vulnerability

CVSS3: 9.8

EPSS: Средний

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2021-36397 In Moodle, insufficient capability checks meant message deletions were not limited to the current user.	CVSS3: 5.3	0% Низкий	больше 2 лет назад
CVE-2021-36397 In Moodle, insufficient capability checks meant message deletions were ...	CVSS3: 5.3	0% Низкий	больше 2 лет назад
CVE-2021-36400 In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions.	CVSS3: 5.3	0% Низкий	больше 2 лет назад
CVE-2021-36401 In Moodle, ID numbers exported in HTML data formats required additional sanitizing to prevent a local stored XSS risk.	CVSS3: 4.8	0% Низкий	больше 2 лет назад
CVE-2021-36398 In moodle, ID numbers displayed in the web service token list required additional sanitizing to prevent a stored XSS risk.	CVSS3: 5.4	1% Низкий	больше 2 лет назад
CVE-2021-36397 In Moodle, insufficient capability checks meant message deletions were not limited to the current user.	CVSS3: 5.3	0% Низкий	больше 2 лет назад
CVE-2021-36399 In Moodle, ID numbers displayed in the quiz override screens required additional sanitizing to prevent a stored XSS risk.	CVSS3: 5.4	1% Низкий	больше 2 лет назад
GHSA-273w-7fxj-pcp6 Moodle vulnerable to Uncontrolled Resource Consumption	CVSS3: 7.5	0% Низкий	больше 2 лет назад
GHSA-4rmj-w58m-fvch Moodle vulnerable to Server-Side Request Forgery	CVSS3: 7.5	1% Низкий	больше 2 лет назад
GHSA-f46j-r7q3-6cm2 Moodle SQL Injection vulnerability	CVSS3: 9.8	26% Средний	больше 2 лет назад

Уязвимостей на страницу