Moodle — система управления образовательными электронными курсами

Релизный цикл, информация об уязвимостях

Продукт: Moodle

Вендор: moodle

График релизов

Недавние уязвимости Moodle

Количество 2 647

GHSA-xxp4-mf4h-6cwm

больше 2 лет назад

Moodle vulnerable to Server Side Request Forgery

CVSS3: 7.5

EPSS: Низкий

CVE-2023-35133

больше 2 лет назад

An issue in the logic used to check 0.0.0.0 against the cURL blocked hosts lists resulted in an SSRF risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions.

CVSS3: 7.5

EPSS: Низкий

CVE-2023-35133

больше 2 лет назад

An issue in the logic used to check 0.0.0.0 against the cURL blocked h ...

CVSS3: 7.5

EPSS: Низкий

CVE-2023-35132

больше 2 лет назад

A limited SQL injection risk was identified on the Mnet SSO access control page. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions.

CVSS3: 6.3

EPSS: Низкий

CVE-2023-35132

больше 2 лет назад

A limited SQL injection risk was identified on the Mnet SSO access con ...

CVSS3: 6.3

EPSS: Низкий

CVE-2023-35131

больше 2 лет назад

Content on the groups page required additional sanitizing to prevent an XSS risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8 and 3.11 to 3.11.14.

CVSS3: 6.1

EPSS: Низкий

CVE-2023-35131

больше 2 лет назад

Content on the groups page required additional sanitizing to prevent a ...

CVSS3: 6.1

EPSS: Низкий

CVE-2023-35131

больше 2 лет назад

Content on the groups page required additional sanitizing to prevent an XSS risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8 and 3.11 to 3.11.14.

CVSS3: 6.1

EPSS: Низкий

CVE-2023-35132

больше 2 лет назад

A limited SQL injection risk was identified on the Mnet SSO access control page. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions.

CVSS3: 6.3

EPSS: Низкий

CVE-2023-35133

больше 2 лет назад

An issue in the logic used to check 0.0.0.0 against the cURL blocked hosts lists resulted in an SSRF risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions.

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
GHSA-xxp4-mf4h-6cwm Moodle vulnerable to Server Side Request Forgery	CVSS3: 7.5	0% Низкий	больше 2 лет назад
CVE-2023-35133 An issue in the logic used to check 0.0.0.0 against the cURL blocked hosts lists resulted in an SSRF risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions.	CVSS3: 7.5	0% Низкий	больше 2 лет назад
CVE-2023-35133 An issue in the logic used to check 0.0.0.0 against the cURL blocked h ...	CVSS3: 7.5	0% Низкий	больше 2 лет назад
CVE-2023-35132 A limited SQL injection risk was identified on the Mnet SSO access control page. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions.	CVSS3: 6.3	0% Низкий	больше 2 лет назад
CVE-2023-35132 A limited SQL injection risk was identified on the Mnet SSO access con ...	CVSS3: 6.3	0% Низкий	больше 2 лет назад
CVE-2023-35131 Content on the groups page required additional sanitizing to prevent an XSS risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8 and 3.11 to 3.11.14.	CVSS3: 6.1	1% Низкий	больше 2 лет назад
CVE-2023-35131 Content on the groups page required additional sanitizing to prevent a ...	CVSS3: 6.1	1% Низкий	больше 2 лет назад
CVE-2023-35131 Content on the groups page required additional sanitizing to prevent an XSS risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8 and 3.11 to 3.11.14.	CVSS3: 6.1	1% Низкий	больше 2 лет назад
CVE-2023-35132 A limited SQL injection risk was identified on the Mnet SSO access control page. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions.	CVSS3: 6.3	0% Низкий	больше 2 лет назад
CVE-2023-35133 An issue in the logic used to check 0.0.0.0 against the cURL blocked hosts lists resulted in an SSRF risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions.	CVSS3: 7.5	0% Низкий	больше 2 лет назад

Уязвимостей на страницу