Количество 2 647
Количество 2 647
GHSA-v759-3wr5-p294
Moodle vulnerable to Cross-site scripting
GHSA-r7jh-88fq-f64h
Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php in Snoopy 1.2.3, as used in Moodle 1.6 before 1.6.9, 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4, allows remote attackers to inject arbitrary web script or HTML via an HTML block, which is not properly handled when the "Login as" feature is used to visit a MyMoodle or Blog page.
GHSA-p657-7739-2grh
When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting.
GHSA-mx5g-3vxh-rgm8
Moodle vulnerable to XSS via bundled spikephpcoverage library
GHSA-mqw9-3cjm-xwp3
Moodle Minor SQL injection risk in admin user browsing
GHSA-mj87-8xf8-fp4w
Cross-Site Scripting in yui
GHSA-jr83-8x65-xcr5
Moodle Exposure of Sensitive Information to an Unauthorized Actor vulnerability
GHSA-jqgr-gh62-jf53
Moodle Stored Cross-site Scripting and page denial of service
GHSA-j6c3-3c4w-qv8p
Moodle cross-site scripting (XSS) vulnerabilities
GHSA-h2fw-93qx-vrcq
SQL Injection in Moodle
GHSA-g39c-mccf-rxjv
Moodle Insecure direct object reference (IDOR) in a calendar web service
GHSA-fx5h-3786-h2w6
PHP Spellchecker addon for TinyMCE allows attackers to trigger arbitrary outbound HTTP requests
GHSA-fm5h-58g2-4m3f
Moodle Improper Access Control vulnerability
GHSA-cwh2-q44x-5w3c
Moodle Acceptance of Extraneous Untrusted Data With Trusted Data vulnerability
GHSA-9ww8-j8j2-3788
YUI Cross-site Scripting (XSS) vulnerability
GHSA-8mm2-m2gp-c6x2
Moodle Improper Access Control vulnerability
GHSA-7mmc-22g7-3xq2
Moodle SQL Injection vulnerability
GHSA-64r3-582j-frqm
YUI Cross-site Scripting (XSS) vulnerability
GHSA-5cvx-cwpx-9rjh
Moodle Code Injection vulnerability
GHSA-45ch-hxgr-vx8j
phpCAS client library and Moodle Cross-site Scripting vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-v759-3wr5-p294 Moodle vulnerable to Cross-site scripting | 1% Низкий | почти 4 года назад | |
| GHSA-r7jh-88fq-f64h Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php in Snoopy 1.2.3, as used in Moodle 1.6 before 1.6.9, 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4, allows remote attackers to inject arbitrary web script or HTML via an HTML block, which is not properly handled when the "Login as" feature is used to visit a MyMoodle or Blog page. | 0% Низкий | почти 4 года назад | |
| GHSA-p657-7739-2grh When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting. | CVSS3: 3.3 | 0% Низкий | около 2 лет назад |
| GHSA-mx5g-3vxh-rgm8 Moodle vulnerable to XSS via bundled spikephpcoverage library | 3% Низкий | больше 3 лет назад | |
| GHSA-mqw9-3cjm-xwp3 Moodle Minor SQL injection risk in admin user browsing | CVSS3: 9.8 | 0% Низкий | больше 3 лет назад |
| GHSA-mj87-8xf8-fp4w Cross-Site Scripting in yui | 0% Низкий | больше 5 лет назад | |
| GHSA-jr83-8x65-xcr5 Moodle Exposure of Sensitive Information to an Unauthorized Actor vulnerability | CVSS3: 3.3 | 0% Низкий | около 2 лет назад |
| GHSA-jqgr-gh62-jf53 Moodle Stored Cross-site Scripting and page denial of service | CVSS3: 7.1 | 0% Низкий | больше 3 лет назад |
| GHSA-j6c3-3c4w-qv8p Moodle cross-site scripting (XSS) vulnerabilities | 0% Низкий | больше 3 лет назад | |
| GHSA-h2fw-93qx-vrcq SQL Injection in Moodle | CVSS3: 8.8 | 0% Низкий | почти 4 года назад |
| GHSA-g39c-mccf-rxjv Moodle Insecure direct object reference (IDOR) in a calendar web service | CVSS3: 5.3 | 0% Низкий | больше 3 лет назад |
| GHSA-fx5h-3786-h2w6 PHP Spellchecker addon for TinyMCE allows attackers to trigger arbitrary outbound HTTP requests | 1% Низкий | больше 3 лет назад | |
| GHSA-fm5h-58g2-4m3f Moodle Improper Access Control vulnerability | CVSS3: 5.3 | 0% Низкий | около 2 лет назад |
| GHSA-cwh2-q44x-5w3c Moodle Acceptance of Extraneous Untrusted Data With Trusted Data vulnerability | CVSS3: 5.3 | 0% Низкий | около 2 лет назад |
| GHSA-9ww8-j8j2-3788 YUI Cross-site Scripting (XSS) vulnerability | 0% Низкий | больше 3 лет назад | |
| GHSA-8mm2-m2gp-c6x2 Moodle Improper Access Control vulnerability | CVSS3: 4.3 | 0% Низкий | около 2 лет назад |
| GHSA-7mmc-22g7-3xq2 Moodle SQL Injection vulnerability | CVSS3: 7.3 | 1% Низкий | почти 3 года назад |
| GHSA-64r3-582j-frqm YUI Cross-site Scripting (XSS) vulnerability | 0% Низкий | больше 3 лет назад | |
| GHSA-5cvx-cwpx-9rjh Moodle Code Injection vulnerability | CVSS3: 6.5 | 1% Низкий | около 2 лет назад |
| GHSA-45ch-hxgr-vx8j phpCAS client library and Moodle Cross-site Scripting vulnerability | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу