Moodle — система управления образовательными электронными курсами

Moodle vulnerable to Cross-site Scripting

Moodle allows remote attackers to obtain sensitive information

Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php in Moodle 1.9.x before 1.9.12 allow remote attackers to inject arbitrary web script or HTML via vectors related to URL encoding.

Moodle XSS In Tag Autocomplete functionality

Moodle vulnerable to SQL injection

phpCAS client library and Moodle Cross-site Scripting vulnerability

Moodle Session Fixation vulnerability

Moodle is vulnerable to unauthorized new accounts creation

Moodle vulnerable to Cross-site Scripting

Moodle doesn't properly check role