Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 643
GHSA-cpm7-mv33-jwf8
Moodle's AJAX section delete does not respect course_can_delete_section()
GHSA-6g5x-h5x7-q4mq
Moodle has an IDOR in web service which allows users enrolled in a course to access some details of other users
GHSA-m8qh-hx4c-h9hr
Moodle has a CSRF risk in Brickfield tool's analysis request action
GHSA-pj96-xh2w-fgqx
Moodle has an IDOR in messaging web service which allows access to some user details
GHSA-x45j-jq9q-gf3q
Moodle makes some user data available before completing second factor with MFA enabled
GHSA-57p3-67r2-vwm7
A security vulnerability was discovered in Moodle that can allow hackers to gain access to sensitive information about students and prevent them from logging into their accounts, even after they had completed two-factor authentication (2FA).
GHSA-qhc7-xhc2-7p7w
Moodle self enrollment available before completing second factor with MFA enabled
GHSA-8m7c-hm88-2p97
Moodle shows hidden grades to users without permission on some grade reports
GHSA-69m9-rprc-2x7g
Moodle reveals student identities through assignment submissions search on anonymous submissions
GHSA-345q-9jmq-g9q4
Moodle allows unauthenticated REST API user data exposure
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-cpm7-mv33-jwf8 Moodle's AJAX section delete does not respect course_can_delete_section() | CVSS3: 4.3 | 0% Низкий | 8 месяцев назад |
| GHSA-6g5x-h5x7-q4mq Moodle has an IDOR in web service which allows users enrolled in a course to access some details of other users | CVSS3: 4.3 | 0% Низкий | 8 месяцев назад |
| GHSA-m8qh-hx4c-h9hr Moodle has a CSRF risk in Brickfield tool's analysis request action | 0% Низкий | 8 месяцев назад | |
| GHSA-pj96-xh2w-fgqx Moodle has an IDOR in messaging web service which allows access to some user details | CVSS3: 4.3 | 0% Низкий | 8 месяцев назад |
| GHSA-x45j-jq9q-gf3q Moodle makes some user data available before completing second factor with MFA enabled | CVSS3: 4.3 | 0% Низкий | 8 месяцев назад |
| GHSA-57p3-67r2-vwm7 A security vulnerability was discovered in Moodle that can allow hackers to gain access to sensitive information about students and prevent them from logging into their accounts, even after they had completed two-factor authentication (2FA). | CVSS3: 7.1 | 0% Низкий | 8 месяцев назад |
| GHSA-qhc7-xhc2-7p7w Moodle self enrollment available before completing second factor with MFA enabled | CVSS3: 4.3 | 0% Низкий | 8 месяцев назад |
| GHSA-8m7c-hm88-2p97 Moodle shows hidden grades to users without permission on some grade reports | CVSS3: 5.3 | 0% Низкий | 8 месяцев назад |
| GHSA-69m9-rprc-2x7g Moodle reveals student identities through assignment submissions search on anonymous submissions | CVSS3: 4.3 | 0% Низкий | 8 месяцев назад |
| GHSA-345q-9jmq-g9q4 Moodle allows unauthenticated REST API user data exposure | CVSS3: 7.5 | 0% Низкий | 8 месяцев назад |
Уязвимостей на страницу