Moodle — система управления образовательными электронными курсами

In Moodle, ID numbers exported in HTML data formats required additional sanitizing to prevent a local stored XSS risk.

Moodle SQL Injection vulnerability

Moodle SQL Injection vulnerability

Moodle vulnerable to Server-Side Request Forgery

Moodle Session Fixation vulnerability

Moodle vulnerable to Uncontrolled Resource Consumption

In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk.

In Moodle, insufficient redirect handling made it possible to blindly ...

In Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service.

In Moodle, the file repository's URL parsing required additional recur ...