Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 647
CVE-2023-28335
The link to reset all templates of a database activity did not include ...
CVE-2023-28334
Authenticated users were able to enumerate other users' names via the learning plans page.
CVE-2023-28334
Authenticated users were able to enumerate other users' names via the ...
CVE-2023-28333
The Mustache pix helper contained a potential Mustache injection risk if combined with user input (note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS).
CVE-2023-28333
The Mustache pix helper contained a potential Mustache injection risk ...
CVE-2023-28332
If the algebra filter was enabled but not functional (eg the necessary binaries were missing from the server), it presented an XSS risk.
CVE-2023-28332
If the algebra filter was enabled but not functional (eg the necessary ...
CVE-2023-28331
Content output by the database auto-linking filter required additional sanitizing to prevent an XSS risk.
CVE-2023-28331
Content output by the database auto-linking filter required additional ...
CVE-2023-28330
Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and admins by default.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2023-28335 The link to reset all templates of a database activity did not include ... | CVSS3: 8.8 | 0% Низкий | почти 3 года назад |
 | CVE-2023-28334 Authenticated users were able to enumerate other users' names via the learning plans page. | CVSS3: 4.3 | 0% Низкий | почти 3 года назад |
| CVE-2023-28334 Authenticated users were able to enumerate other users' names via the ... | CVSS3: 4.3 | 0% Низкий | почти 3 года назад |
| CVE-2023-28333 The Mustache pix helper contained a potential Mustache injection risk if combined with user input (note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS). | CVSS3: 9.8 | 1% Низкий | почти 3 года назад |
| CVE-2023-28333 The Mustache pix helper contained a potential Mustache injection risk ... | CVSS3: 9.8 | 1% Низкий | почти 3 года назад |
| CVE-2023-28332 If the algebra filter was enabled but not functional (eg the necessary binaries were missing from the server), it presented an XSS risk. | CVSS3: 6.1 | 1% Низкий | почти 3 года назад |
| CVE-2023-28332 If the algebra filter was enabled but not functional (eg the necessary ... | CVSS3: 6.1 | 1% Низкий | почти 3 года назад |
| CVE-2023-28331 Content output by the database auto-linking filter required additional sanitizing to prevent an XSS risk. | CVSS3: 6.1 | 1% Низкий | почти 3 года назад |
| CVE-2023-28331 Content output by the database auto-linking filter required additional ... | CVSS3: 6.1 | 1% Низкий | почти 3 года назад |
| CVE-2023-28330 Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and admins by default. | CVSS3: 6.5 | 1% Низкий | почти 3 года назад |
Уязвимостей на страницу