Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 536
GHSA-3jfw-v39g-268j
Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php in Moodle 1.9.x before 1.9.12 allow remote attackers to inject arbitrary web script or HTML via vectors related to URL encoding.
GHSA-86v9-gqh9-8268
Moodle vulnerable to Cross-site Scripting
GHSA-qq3m-44fg-p6q8
Moodle 1.9.x before 1.9.12 and 2.0.x before 2.0.3 does not properly implement associations between teachers and groups, which allows remote authenticated users to read quiz reports of arbitrary students by leveraging the teacher role.
GHSA-6656-6qwx-4c2m
Moodle XSS In Tag Autocomplete functionality
GHSA-45ch-hxgr-vx8j
phpCAS client library and Moodle Cross-site Scripting vulnerability
GHSA-9xp2-5fr9-7mwm
Moodle vulnerable to SQL injection
GHSA-37mm-gc69-pw8r
Cross-site scripting (XSS) vulnerability in Moodle before 1.6.8, 1.7 before 1.7.6, 1.8 before 1.8.7, and 1.9 before 1.9.3 allows remote attackers to inject arbitrary web script or HTML via a Wiki page name (aka page title).
GHSA-5fgv-cvr8-xg48
Moodle vulnerable to Cross-site Scripting
GHSA-hhxf-w8hj-43w6
Moodle vulnerable to Cross-site Scripting
GHSA-q53j-c866-h9mw
Moodle doesn't properly check role
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-3jfw-v39g-268j Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php in Moodle 1.9.x before 1.9.12 allow remote attackers to inject arbitrary web script or HTML via vectors related to URL encoding. | 0% Низкий | больше 3 лет назад | |
| GHSA-86v9-gqh9-8268 Moodle vulnerable to Cross-site Scripting | 0% Низкий | больше 3 лет назад | |
| GHSA-qq3m-44fg-p6q8 Moodle 1.9.x before 1.9.12 and 2.0.x before 2.0.3 does not properly implement associations between teachers and groups, which allows remote authenticated users to read quiz reports of arbitrary students by leveraging the teacher role. | 0% Низкий | больше 3 лет назад | |
| GHSA-6656-6qwx-4c2m Moodle XSS In Tag Autocomplete functionality | 0% Низкий | больше 3 лет назад | |
| GHSA-45ch-hxgr-vx8j phpCAS client library and Moodle Cross-site Scripting vulnerability | 0% Низкий | больше 3 лет назад | |
| GHSA-9xp2-5fr9-7mwm Moodle vulnerable to SQL injection | 0% Низкий | больше 3 лет назад | |
| GHSA-37mm-gc69-pw8r Cross-site scripting (XSS) vulnerability in Moodle before 1.6.8, 1.7 before 1.7.6, 1.8 before 1.8.7, and 1.9 before 1.9.3 allows remote attackers to inject arbitrary web script or HTML via a Wiki page name (aka page title). | 1% Низкий | больше 3 лет назад | |
| GHSA-5fgv-cvr8-xg48 Moodle vulnerable to Cross-site Scripting | 0% Низкий | больше 3 лет назад | |
| GHSA-hhxf-w8hj-43w6 Moodle vulnerable to Cross-site Scripting | 0% Низкий | больше 3 лет назад | |
| GHSA-q53j-c866-h9mw Moodle doesn't properly check role | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу