Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 541
GHSA-fhgh-fjh9-vq62
Moodle allows remote authenticated users to cause a denial of service (invalid database records)
GHSA-m2pf-4pf8-45j2
Moodle allows remote authenticated users to cause a denial of service (invalid database records)
GHSA-3qg4-2fcm-c8f9
Moodle does not recogniz configuration setting that makes e-mail addresses visible only to course members
GHSA-mx5g-3vxh-rgm8
Moodle vulnerable to XSS via bundled spikephpcoverage library
GHSA-j3x5-cwfj-pfcw
Moodle does not force password changes for autosubscribed users
GHSA-6xqg-f34f-5fjx
Moodle vulnerable to Cross-site Scripting
GHSA-p269-r9cq-frhv
Moodle 2.0.x before 2.0.7 and 2.1.x before 2.1.4, when an anonymous front-page forum is enabled, allows remote attackers to obtain session keys for their sessions by visiting the front page.
GHSA-8vjj-wf73-w882
Moodle Incorrect Default Settings
GHSA-mw6p-49jf-9935
Moodle allows remote attackers to obtain sensitive information from myprofile block by visiting user-context page
GHSA-4r4x-49qh-hfgv
Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 displays web service tokens associated with (1) disabled services and (2) users who no longer have authorization, which allows remote authenticated users to have an unspecified impact by reading these tokens.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-fhgh-fjh9-vq62 Moodle allows remote authenticated users to cause a denial of service (invalid database records) | 1% Низкий | больше 3 лет назад | |
| GHSA-m2pf-4pf8-45j2 Moodle allows remote authenticated users to cause a denial of service (invalid database records) | 0% Низкий | больше 3 лет назад | |
| GHSA-3qg4-2fcm-c8f9 Moodle does not recogniz configuration setting that makes e-mail addresses visible only to course members | 0% Низкий | больше 3 лет назад | |
| GHSA-mx5g-3vxh-rgm8 Moodle vulnerable to XSS via bundled spikephpcoverage library | 3% Низкий | больше 3 лет назад | |
| GHSA-j3x5-cwfj-pfcw Moodle does not force password changes for autosubscribed users | 0% Низкий | больше 3 лет назад | |
| GHSA-6xqg-f34f-5fjx Moodle vulnerable to Cross-site Scripting | 0% Низкий | больше 3 лет назад | |
| GHSA-p269-r9cq-frhv Moodle 2.0.x before 2.0.7 and 2.1.x before 2.1.4, when an anonymous front-page forum is enabled, allows remote attackers to obtain session keys for their sessions by visiting the front page. | 0% Низкий | больше 3 лет назад | |
| GHSA-8vjj-wf73-w882 Moodle Incorrect Default Settings | 0% Низкий | больше 3 лет назад | |
| GHSA-mw6p-49jf-9935 Moodle allows remote attackers to obtain sensitive information from myprofile block by visiting user-context page | 0% Низкий | больше 3 лет назад | |
| GHSA-4r4x-49qh-hfgv Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 displays web service tokens associated with (1) disabled services and (2) users who no longer have authorization, which allows remote authenticated users to have an unspecified impact by reading these tokens. | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу