Moodle — система управления образовательными электронными курсами

Релизный цикл, информация об уязвимостях

Продукт: Moodle

Вендор: moodle

График релизов

Недавние уязвимости Moodle

Количество 2 535

CVE-2020-1755

около 3 лет назад

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For headers could be used to spoof a user's IP, in order to bypass remote address checks.

CVSS3: 5.3

EPSS: Низкий

CVE-2020-1755

около 3 лет назад

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For heade ...

CVSS3: 5.3

EPSS: Низкий

CVE-2020-14322

около 3 лет назад

In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it can load to help mitigate the risk of denial of service.

CVSS3: 7.5

EPSS: Низкий

CVE-2020-14322

около 3 лет назад

In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to l ...

CVSS3: 7.5

EPSS: Низкий

CVE-2020-14321

около 3 лет назад

In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course were able to assign themselves the manager role within that course.

CVSS3: 8.8

EPSS: Средний

CVE-2020-14321

около 3 лет назад

In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course ...

CVSS3: 8.8

EPSS: Средний

CVE-2020-14320

около 3 лет назад

In Moodle before 3.9.1, 3.8.4 and 3.7.7, the filter in the admin task log required extra sanitizing to prevent a reflected XSS risk.

CVSS3: 6.1

EPSS: Низкий

CVE-2020-14320

около 3 лет назад

In Moodle before 3.9.1, 3.8.4 and 3.7.7, the filter in the admin task ...

CVSS3: 6.1

EPSS: Низкий

CVE-2020-14322

около 3 лет назад

In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it can load to help mitigate the risk of denial of service.

CVSS3: 7.5

EPSS: Низкий

CVE-2020-14321

около 3 лет назад

In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course were able to assign themselves the manager role within that course.

CVSS3: 8.8

EPSS: Средний

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2020-1755 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For headers could be used to spoof a user's IP, in order to bypass remote address checks.	CVSS3: 5.3	0% Низкий	около 3 лет назад
CVE-2020-1755 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For heade ...	CVSS3: 5.3	0% Низкий	около 3 лет назад
CVE-2020-14322 In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it can load to help mitigate the risk of denial of service.	CVSS3: 7.5	1% Низкий	около 3 лет назад
CVE-2020-14322 In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to l ...	CVSS3: 7.5	1% Низкий	около 3 лет назад
CVE-2020-14321 In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course were able to assign themselves the manager role within that course.	CVSS3: 8.8	60% Средний	около 3 лет назад
CVE-2020-14321 In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course ...	CVSS3: 8.8	60% Средний	около 3 лет назад
CVE-2020-14320 In Moodle before 3.9.1, 3.8.4 and 3.7.7, the filter in the admin task log required extra sanitizing to prevent a reflected XSS risk.	CVSS3: 6.1	1% Низкий	около 3 лет назад
CVE-2020-14320 In Moodle before 3.9.1, 3.8.4 and 3.7.7, the filter in the admin task ...	CVSS3: 6.1	1% Низкий	около 3 лет назад
CVE-2020-14322 In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it can load to help mitigate the risk of denial of service.	CVSS3: 7.5	1% Низкий	около 3 лет назад
CVE-2020-14321 In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course were able to assign themselves the manager role within that course.	CVSS3: 8.8	60% Средний	около 3 лет назад

Уязвимостей на страницу