Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 647
CVE-2024-25979
The URL parameters accepted by forum search were not limited to the allowed parameters.
GHSA-5p2x-8427-9fgp
Moodle Improper Access Control vulnerability
CVE-2024-1439
Inadequate access control in Moodle LMS. This vulnerability could allow a local user with a student role to create arbitrary events intended for users with higher roles. It could also allow the attacker to add events to the calendar of all users without their prior consent.
CVE-2024-1439
Inadequate access control in Moodle LMS. This vulnerability could allo ...
CVE-2024-1439
Inadequate access control in Moodle LMS. This vulnerability could allow a local user with a student role to create arbitrary events intended for users with higher roles. It could also allow the attacker to add events to the calendar of all users without their prior consent.
BDU:2024-02981
Уязвимость виртуальной обучающей среды Moodle, связанная с недостатками контроля доступа, позволяющая нарушителю с ролью student создавать произвольные события
GHSA-p657-7739-2grh
When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting.
CVE-2023-5543
When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting.
CVE-2023-5543
When duplicating a BigBlueButton activity, the original meeting ID was ...
CVE-2023-5543
When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2024-25979 The URL parameters accepted by forum search were not limited to the allowed parameters. | CVSS3: 5.3 | 0% Низкий | почти 2 года назад |
| GHSA-5p2x-8427-9fgp Moodle Improper Access Control vulnerability | CVSS3: 6.5 | 0% Низкий | почти 2 года назад |
 | CVE-2024-1439 Inadequate access control in Moodle LMS. This vulnerability could allow a local user with a student role to create arbitrary events intended for users with higher roles. It could also allow the attacker to add events to the calendar of all users without their prior consent. | CVSS3: 6.5 | 0% Низкий | почти 2 года назад |
| CVE-2024-1439 Inadequate access control in Moodle LMS. This vulnerability could allo ... | CVSS3: 6.5 | 0% Низкий | почти 2 года назад |
| CVE-2024-1439 Inadequate access control in Moodle LMS. This vulnerability could allow a local user with a student role to create arbitrary events intended for users with higher roles. It could also allow the attacker to add events to the calendar of all users without their prior consent. | CVSS3: 6.5 | 0% Низкий | почти 2 года назад |
 | BDU:2024-02981 Уязвимость виртуальной обучающей среды Moodle, связанная с недостатками контроля доступа, позволяющая нарушителю с ролью student создавать произвольные события | CVSS3: 6.5 | 0% Низкий | почти 2 года назад |
| GHSA-p657-7739-2grh When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting. | CVSS3: 3.3 | 0% Низкий | больше 2 лет назад |
| CVE-2023-5543 When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting. | CVSS3: 3.3 | 0% Низкий | больше 2 лет назад |
| CVE-2023-5543 When duplicating a BigBlueButton activity, the original meeting ID was ... | CVSS3: 3.3 | 0% Низкий | больше 2 лет назад |
| CVE-2023-5543 When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting. | CVSS3: 3.3 | 0% Низкий | больше 2 лет назад |
Уязвимостей на страницу