Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 577
GHSA-267j-cwvg-j28c
Moodle attackers to modify grade metadata
GHSA-48rq-vj58-2mh6
Moodle creates a MoodleMobile web-service token with an infinite lifetime
GHSA-5rr5-fxhc-jv64
Moodle allows attackers to modify the visibility of a badge
GHSA-j465-7mp6-3xg3
Moodle places a session key in a URL
GHSA-2vhr-4mhq-m35c
Moodle does not properly restrict access
GHSA-fc5p-vj3h-x7g4
Moodle allows attackers to obtain sensitive information
GHSA-f9m9-494r-w36p
Moodle allows bypass of intended access restrictions
GHSA-6xpm-q8x9-j3rw
Moodle allows attackers to bypass intended access restrictions
GHSA-g4wf-f588-7xc7
mod/forum/post.php in Moodle 2.9.x before 2.9.1 does not consider the mod/forum:canposttomygroups capability before authorizing "Post a copy to all groups" actions, which allows remote authenticated users to bypass intended access restrictions by leveraging per-group authorization.
GHSA-xfgq-37vh-892j
Atto in Moodle 2.8.x before 2.8.9 and 2.9.x before 2.9.3 allows remote attackers to cause a denial of service (disk consumption) by leveraging the guest role and entering drafts with the editor-autosave feature.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-267j-cwvg-j28c Moodle attackers to modify grade metadata | 0% Низкий | больше 3 лет назад | |
| GHSA-48rq-vj58-2mh6 Moodle creates a MoodleMobile web-service token with an infinite lifetime | 0% Низкий | больше 3 лет назад | |
| GHSA-5rr5-fxhc-jv64 Moodle allows attackers to modify the visibility of a badge | 0% Низкий | больше 3 лет назад | |
| GHSA-j465-7mp6-3xg3 Moodle places a session key in a URL | 0% Низкий | больше 3 лет назад | |
| GHSA-2vhr-4mhq-m35c Moodle does not properly restrict access | 0% Низкий | больше 3 лет назад | |
| GHSA-fc5p-vj3h-x7g4 Moodle allows attackers to obtain sensitive information | 0% Низкий | больше 3 лет назад | |
| GHSA-f9m9-494r-w36p Moodle allows bypass of intended access restrictions | 0% Низкий | больше 3 лет назад | |
| GHSA-6xpm-q8x9-j3rw Moodle allows attackers to bypass intended access restrictions | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| GHSA-g4wf-f588-7xc7 mod/forum/post.php in Moodle 2.9.x before 2.9.1 does not consider the mod/forum:canposttomygroups capability before authorizing "Post a copy to all groups" actions, which allows remote authenticated users to bypass intended access restrictions by leveraging per-group authorization. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| GHSA-xfgq-37vh-892j Atto in Moodle 2.8.x before 2.8.9 and 2.9.x before 2.9.3 allows remote attackers to cause a denial of service (disk consumption) by leveraging the guest role and entering drafts with the editor-autosave feature. | CVSS3: 6.8 | 1% Низкий | больше 3 лет назад |
Уязвимостей на страницу