Moodle vulnerable to Server Side Request Forgery

Moodle stored-XSS vulnerability in some "social" user profile fields

Moodle reveals absolute path in exception message

Moodle Cross-site Scripting (XSS)

Cross Site Request Forgery in Moodle

Moodle PostScript Code Injection

Moodle allows remote attackers to read arbitrary files

Moodle Improper Privilege Management

Moodle Cross-Site Request Forgery (CSRF)

Moodle Login CSRF vulnerability in login form

Moodle SQL injection via user preferences

repository/s3/S3.php in the Amazon S3 library in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to an incorrect CURLOPT_SSL_VERIFYHOST value.

Moodle Vulnerable to Reflected Cross-site Scripting

Moodle Cross-site Scripting

Moodle calculated question type allows remote code execution by Question authors

Moodle Lesson activity password bypass through PHP loose comparison

Atto in Moodle 2.8.x before 2.8.9 and 2.9.x before 2.9.3 allows remote attackers to cause a denial of service (disk consumption) by leveraging the guest role and entering drafts with the editor-autosave feature.

mod/forum/user.php in Moodle 1.9.x before 1.9.16 allows remote authenticated users to obtain the names and other details of arbitrary user accounts by searching for posts.

auth/ldap/ntlmsso_attempt.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4, and 2.3.x before 2.3.1 redirects users from an https LDAP login URL to an http URL, which allows remote attackers to obtain sensitive information by sniffing the network.

In Moodle 2.x and 3.x, the capability to view course notes is checked in the wrong context.