Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 577
GHSA-m63h-q4x3-6hwj
Moodle is vulnerable to Improper Input Validation in MoodleQuickForm class
GHSA-cc94-hwj3-rf65
Moodle's login_as feature leaks information from external repositories
GHSA-x3x8-fjw6-hccx
Moodle does not consider "don't send" attributes during hub registration
GHSA-893p-hqf6-mg67
lib/modinfolib.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4, and 2.3.x before 2.3.1 does not check for a group-membership requirement when determining whether an activity is unavailable or hidden, which allows remote authenticated users to bypass intended access restrictions by selecting an activity that is configured for a group of other users.
GHSA-wp3g-pr4h-q6vv
Moodle does not enforce capability requirements for reading blog comments
GHSA-mxp2-wcjh-jf72
The is_enrolled function in lib/accesslib.php in Moodle 2.2.x before 2.2.4 and 2.3.x before 2.3.1 does not properly interact with the caching feature, which might allow remote authenticated users to bypass an intended capability check via unspecified vectors that trigger caching of a user record.
GHSA-w66h-c2vj-cm7f
Moodle Authentication Bypass in File Upload
GHSA-wmmc-qjq2-vvm2
Moodle is vulnerable to Sensitive Information Disclosure
GHSA-prrh-679x-79qh
Moodle allows remote authenticated users to reassign notes
GHSA-664q-mrxx-2x2v
Moodle does not properly manage privileges for WebDAV repositories
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-m63h-q4x3-6hwj Moodle is vulnerable to Improper Input Validation in MoodleQuickForm class | 1% Низкий | больше 3 лет назад | |
| GHSA-cc94-hwj3-rf65 Moodle's login_as feature leaks information from external repositories | 0% Низкий | больше 3 лет назад | |
| GHSA-x3x8-fjw6-hccx Moodle does not consider "don't send" attributes during hub registration | 0% Низкий | больше 3 лет назад | |
| GHSA-893p-hqf6-mg67 lib/modinfolib.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4, and 2.3.x before 2.3.1 does not check for a group-membership requirement when determining whether an activity is unavailable or hidden, which allows remote authenticated users to bypass intended access restrictions by selecting an activity that is configured for a group of other users. | 0% Низкий | больше 3 лет назад | |
| GHSA-wp3g-pr4h-q6vv Moodle does not enforce capability requirements for reading blog comments | 1% Низкий | больше 3 лет назад | |
| GHSA-mxp2-wcjh-jf72 The is_enrolled function in lib/accesslib.php in Moodle 2.2.x before 2.2.4 and 2.3.x before 2.3.1 does not properly interact with the caching feature, which might allow remote authenticated users to bypass an intended capability check via unspecified vectors that trigger caching of a user record. | 0% Низкий | больше 3 лет назад | |
| GHSA-w66h-c2vj-cm7f Moodle Authentication Bypass in File Upload | 0% Низкий | больше 3 лет назад | |
| GHSA-wmmc-qjq2-vvm2 Moodle is vulnerable to Sensitive Information Disclosure | 0% Низкий | больше 3 лет назад | |
| GHSA-prrh-679x-79qh Moodle allows remote authenticated users to reassign notes | 0% Низкий | больше 3 лет назад | |
| GHSA-664q-mrxx-2x2v Moodle does not properly manage privileges for WebDAV repositories | 1% Низкий | больше 3 лет назад |
Уязвимостей на страницу