Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 535
CVE-2021-36394
In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin.
GHSA-32jc-9p58-p82x
Moodle Improper Access Control vulnerability
GHSA-97qf-pq7x-964m
Moodle Cross-site Scripting vulnerability
GHSA-grmj-gpwm-98ww
Moodle Cross-site Scripting vulnerability
CVE-2023-23923
The vulnerability was found Moodle which exists due to insufficient limitations on the "start page" preference. A remote attacker can set that preference for another user. The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
CVE-2023-23923
The vulnerability was found Moodle which exists due to insufficient li ...
CVE-2023-23922
The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw allows a remote attacker to perform cross-site scripting (XSS) attacks.
CVE-2023-23922
The vulnerability was found Moodle which exists due to insufficient sa ...
CVE-2023-23921
The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in some returnurl parameters. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw allows a remote attacker to perform cross-site scripting (XSS) attacks.
CVE-2023-23921
The vulnerability was found Moodle which exists due to insufficient sa ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2021-36394 In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin. | CVSS3: 9.8 | 19% Средний | больше 2 лет назад |
| GHSA-32jc-9p58-p82x Moodle Improper Access Control vulnerability | CVSS3: 8.2 | 0% Низкий | больше 2 лет назад |
| GHSA-97qf-pq7x-964m Moodle Cross-site Scripting vulnerability | CVSS3: 6.1 | 0% Низкий | больше 2 лет назад |
| GHSA-grmj-gpwm-98ww Moodle Cross-site Scripting vulnerability | CVSS3: 6.1 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-23923 The vulnerability was found Moodle which exists due to insufficient limitations on the "start page" preference. A remote attacker can set that preference for another user. The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality. | CVSS3: 8.2 | 0% Низкий | больше 2 лет назад |
| CVE-2023-23923 The vulnerability was found Moodle which exists due to insufficient li ... | CVSS3: 8.2 | 0% Низкий | больше 2 лет назад |
| CVE-2023-23922 The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw allows a remote attacker to perform cross-site scripting (XSS) attacks. | CVSS3: 6.1 | 0% Низкий | больше 2 лет назад |
| CVE-2023-23922 The vulnerability was found Moodle which exists due to insufficient sa ... | CVSS3: 6.1 | 0% Низкий | больше 2 лет назад |
| CVE-2023-23921 The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in some returnurl parameters. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw allows a remote attacker to perform cross-site scripting (XSS) attacks. | CVSS3: 6.1 | 0% Низкий | больше 2 лет назад |
| CVE-2023-23921 The vulnerability was found Moodle which exists due to insufficient sa ... | CVSS3: 6.1 | 0% Низкий | больше 2 лет назад |
Уязвимостей на страницу