Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 541
GHSA-mg54-p2wj-5ph7
moodle: IDOR when fetching report schedules
GHSA-cq5f-wv7p-5gfc
Moodle leaks user names
GHSA-fjq9-452g-jg3q
moodle: Some users can delete audiences of other reports
CVE-2024-48901
A vulnerability was found in Moodle. Additional checks are required to ensure users can only access the schedule of a report if they have permission to edit that report.
CVE-2024-48901
A vulnerability was found in Moodle. Additional checks are required to ...
CVE-2024-48898
A vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from.
CVE-2024-48898
A vulnerability was found in Moodle. Users with access to delete audie ...
CVE-2024-48897
A vulnerability was found in Moodle. Additional checks are required to ensure users can only edit or delete RSS feeds that they have permission to modify.
CVE-2024-48897
A vulnerability was found in Moodle. Additional checks are required to ...
CVE-2024-48896
A vulnerability was found in Moodle. It is possible for users with the "send message" capability to view other users' names that they may not otherwise have access to via an error message in Messaging. Note: The name returned follows the full name format configured on the site.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-mg54-p2wj-5ph7 moodle: IDOR when fetching report schedules | CVSS3: 4.3 | 0% Низкий | 12 месяцев назад |
| GHSA-cq5f-wv7p-5gfc Moodle leaks user names | CVSS3: 4.3 | 0% Низкий | 12 месяцев назад |
| GHSA-fjq9-452g-jg3q moodle: Some users can delete audiences of other reports | CVSS3: 6.5 | 0% Низкий | 12 месяцев назад |
 | CVE-2024-48901 A vulnerability was found in Moodle. Additional checks are required to ensure users can only access the schedule of a report if they have permission to edit that report. | CVSS3: 4.3 | 0% Низкий | 12 месяцев назад |
| CVE-2024-48901 A vulnerability was found in Moodle. Additional checks are required to ... | CVSS3: 4.3 | 0% Низкий | 12 месяцев назад |
| CVE-2024-48898 A vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from. | CVSS3: 4.3 | 0% Низкий | 12 месяцев назад |
| CVE-2024-48898 A vulnerability was found in Moodle. Users with access to delete audie ... | CVSS3: 4.3 | 0% Низкий | 12 месяцев назад |
| CVE-2024-48897 A vulnerability was found in Moodle. Additional checks are required to ensure users can only edit or delete RSS feeds that they have permission to modify. | CVSS3: 4.3 | 0% Низкий | 12 месяцев назад |
| CVE-2024-48897 A vulnerability was found in Moodle. Additional checks are required to ... | CVSS3: 4.3 | 0% Низкий | 12 месяцев назад |
| CVE-2024-48896 A vulnerability was found in Moodle. It is possible for users with the "send message" capability to view other users' names that they may not otherwise have access to via an error message in Messaging. Note: The name returned follows the full name format configured on the site. | CVSS3: 4.3 | 0% Низкий | 12 месяцев назад |
Уязвимостей на страницу