Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 647
GHSA-6g5x-h5x7-q4mq
Moodle has an IDOR in web service which allows users enrolled in a course to access some details of other users
GHSA-9vc3-vm42-fjhm
Moodle's mod_data edit/delete pages pass CSRF token in GET parameter
GHSA-88xj-97gf-7wpq
Moodle has a CSRF risk in user tours manager that allows tour duplication
GHSA-cpm7-mv33-jwf8
Moodle's AJAX section delete does not respect course_can_delete_section()
GHSA-hxgg-4qww-85ph
Moodle has reflected Cross-site Scripting risk in policy tool
GHSA-pj96-xh2w-fgqx
Moodle has an IDOR in messaging web service which allows access to some user details
GHSA-m367-445c-2xqr
Moodle has an authenticated remote code execution risk in the Moodle LMS EQUELLA repository
GHSA-8m7c-hm88-2p97
Moodle shows hidden grades to users without permission on some grade reports
GHSA-345q-9jmq-g9q4
Moodle allows unauthenticated REST API user data exposure
GHSA-qhc7-xhc2-7p7w
Moodle self enrollment available before completing second factor with MFA enabled
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-6g5x-h5x7-q4mq Moodle has an IDOR in web service which allows users enrolled in a course to access some details of other users | CVSS3: 4.3 | 0% Низкий | 9 месяцев назад |
| GHSA-9vc3-vm42-fjhm Moodle's mod_data edit/delete pages pass CSRF token in GET parameter | CVSS3: 3.1 | 0% Низкий | 9 месяцев назад |
| GHSA-88xj-97gf-7wpq Moodle has a CSRF risk in user tours manager that allows tour duplication | CVSS3: 3.5 | 0% Низкий | 9 месяцев назад |
| GHSA-cpm7-mv33-jwf8 Moodle's AJAX section delete does not respect course_can_delete_section() | CVSS3: 4.3 | 0% Низкий | 9 месяцев назад |
| GHSA-hxgg-4qww-85ph Moodle has reflected Cross-site Scripting risk in policy tool | CVSS3: 5.4 | 0% Низкий | 9 месяцев назад |
| GHSA-pj96-xh2w-fgqx Moodle has an IDOR in messaging web service which allows access to some user details | CVSS3: 4.3 | 0% Низкий | 9 месяцев назад |
| GHSA-m367-445c-2xqr Moodle has an authenticated remote code execution risk in the Moodle LMS EQUELLA repository | CVSS3: 8.8 | 1% Низкий | 9 месяцев назад |
| GHSA-8m7c-hm88-2p97 Moodle shows hidden grades to users without permission on some grade reports | CVSS3: 5.3 | 0% Низкий | 9 месяцев назад |
| GHSA-345q-9jmq-g9q4 Moodle allows unauthenticated REST API user data exposure | CVSS3: 7.5 | 0% Низкий | 9 месяцев назад |
| GHSA-qhc7-xhc2-7p7w Moodle self enrollment available before completing second factor with MFA enabled | CVSS3: 4.3 | 0% Низкий | 9 месяцев назад |
Уязвимостей на страницу