Moodle — система управления образовательными электронными курсами

Релизный цикл, информация об уязвимостях

Продукт: Moodle

Вендор: moodle

График релизов

Недавние уязвимости Moodle

Количество 2 470

GHSA-9q29-jcjw-fw7h

почти 3 года назад

Moodle Incorrect Authorization vulnerability

CVSS3: 8.8

EPSS: Средний

GHSA-fcpw-vqh5-6qwj

почти 3 года назад

Moodle reflected XSS Vulnerability

CVSS3: 6.1

EPSS: Низкий

GHSA-g9qp-5vrr-hh2c

почти 3 года назад

In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it can load to help mitigate the risk of denial of service.

CVSS3: 7.5

EPSS: Низкий

GHSA-625r-4rf7-g699

почти 3 года назад

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, insufficient input escaping was applied to the PHP unit webrunner admin tool.

CVSS3: 7.2

EPSS: Низкий

CVE-2020-1756

почти 3 года назад

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, insufficient input escaping was applied to the PHP unit webrunner admin tool.

CVSS3: 7.2

EPSS: Низкий

CVE-2020-1756

почти 3 года назад

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, insufficient input es ...

CVSS3: 7.2

EPSS: Низкий

CVE-2020-1755

почти 3 года назад

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For headers could be used to spoof a user's IP, in order to bypass remote address checks.

CVSS3: 5.3

EPSS: Низкий

CVE-2020-1755

почти 3 года назад

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For heade ...

CVSS3: 5.3

EPSS: Низкий

CVE-2020-14322

почти 3 года назад

In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it can load to help mitigate the risk of denial of service.

CVSS3: 7.5

EPSS: Низкий

CVE-2020-14322

почти 3 года назад

In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to l ...

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
GHSA-9q29-jcjw-fw7h Moodle Incorrect Authorization vulnerability	CVSS3: 8.8	64% Средний	почти 3 года назад
GHSA-fcpw-vqh5-6qwj Moodle reflected XSS Vulnerability	CVSS3: 6.1	1% Низкий	почти 3 года назад
GHSA-g9qp-5vrr-hh2c In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it can load to help mitigate the risk of denial of service.	CVSS3: 7.5	0% Низкий	почти 3 года назад
GHSA-625r-4rf7-g699 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, insufficient input escaping was applied to the PHP unit webrunner admin tool.	CVSS3: 7.2	1% Низкий	почти 3 года назад
CVE-2020-1756 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, insufficient input escaping was applied to the PHP unit webrunner admin tool.	CVSS3: 7.2	1% Низкий	почти 3 года назад
CVE-2020-1756 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, insufficient input es ...	CVSS3: 7.2	1% Низкий	почти 3 года назад
CVE-2020-1755 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For headers could be used to spoof a user's IP, in order to bypass remote address checks.	CVSS3: 5.3	0% Низкий	почти 3 года назад
CVE-2020-1755 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For heade ...	CVSS3: 5.3	0% Низкий	почти 3 года назад
CVE-2020-14322 In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it can load to help mitigate the risk of denial of service.	CVSS3: 7.5	0% Низкий	почти 3 года назад
CVE-2020-14322 In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to l ...	CVSS3: 7.5	0% Низкий	почти 3 года назад

Уязвимостей на страницу