Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 541
BDU:2022-06359
Уязвимость виртуальной обучающей среды Moodle, связанная с недостаточной очисткой пользовательских данных, позволяющая нарушителю выполнить произвольные SQL-команды
GHSA-q5m8-g27f-797h
In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without the 'access all groups' capability were not restricted to viewing grades of users within their own groups.
GHSA-cwhp-rqfr-8462
Moodle XSS Vulnerability
CVE-2020-1754
In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without the 'access all groups' capability were not restricted to viewing grades of users within their own groups.
CVE-2020-1754
In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the gra ...
CVE-2020-1691
In Moodle 3.8, messages required extra sanitizing before updating the conversation overview, to prevent the risk of stored cross-site scripting.
CVE-2020-1691
In Moodle 3.8, messages required extra sanitizing before updating the ...
CVE-2020-1754
In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without the 'access all groups' capability were not restricted to viewing grades of users within their own groups.
CVE-2020-1691
In Moodle 3.8, messages required extra sanitizing before updating the conversation overview, to prevent the risk of stored cross-site scripting.
GHSA-62wh-m4jr-233r
Moodle LTI module reflected XSS risk
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | BDU:2022-06359 Уязвимость виртуальной обучающей среды Moodle, связанная с недостаточной очисткой пользовательских данных, позволяющая нарушителю выполнить произвольные SQL-команды | CVSS3: 9.8 | 1% Низкий | больше 3 лет назад |
| GHSA-q5m8-g27f-797h In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without the 'access all groups' capability were not restricted to viewing grades of users within their own groups. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| GHSA-cwhp-rqfr-8462 Moodle XSS Vulnerability | CVSS3: 5.4 | 1% Низкий | больше 3 лет назад |
 | CVE-2020-1754 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without the 'access all groups' capability were not restricted to viewing grades of users within their own groups. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| CVE-2020-1754 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the gra ... | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| CVE-2020-1691 In Moodle 3.8, messages required extra sanitizing before updating the conversation overview, to prevent the risk of stored cross-site scripting. | CVSS3: 5.4 | 1% Низкий | больше 3 лет назад |
| CVE-2020-1691 In Moodle 3.8, messages required extra sanitizing before updating the ... | CVSS3: 5.4 | 1% Низкий | больше 3 лет назад |
 | CVE-2020-1754 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without the 'access all groups' capability were not restricted to viewing grades of users within their own groups. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| CVE-2020-1691 In Moodle 3.8, messages required extra sanitizing before updating the conversation overview, to prevent the risk of stored cross-site scripting. | CVSS3: 5.4 | 1% Низкий | больше 3 лет назад |
| GHSA-62wh-m4jr-233r Moodle LTI module reflected XSS risk | CVSS3: 6.1 | 78% Высокий | больше 3 лет назад |
Уязвимостей на страницу