The question-bank functionality in Moodle 2.1.x before 2.1.6 and 2.2.x ...

Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass question:use* capability requirements and add arbitrary questions to a quiz via the questions feature.

Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass question:use* capability requirements and add arbitrary questions to a quiz via the questions feature.

Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authent ...

Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass the moodle/site:readallmessages capability requirement and read arbitrary messages by using the "Recent conversations" feature with a modified parameter in a URL.

Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass the moodle/site:readallmessages capability requirement and read arbitrary messages by using the "Recent conversations" feature with a modified parameter in a URL.

Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authent ...

Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section.

Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section.

Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authent ...

Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough Versions 2.2 to 2.2.1+ affected.

Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough

Moodle before 2.2.2 has an external enrolment plugin context check iss ...

Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs. Versions 2.2 to 2.2.1+, 2.1 to 2.1.4+, 2.0 to 2.0.7+ affected.

Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs.

Moodle before 2.2.2 has Personal information disclosure, when administ ...

Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified. Versions 2.2 to 2.2.1+, 2.1 to 2.1.4+, 2.0 to 2.0.7+ affected.

Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified.

Moodle before 2.2.2 has a password and web services issue where when t ...

Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results Versions 2.2 to 2.2.1+, 2.1 to 2.1.4+ affected.