Количество 2 470
Количество 2 470
CVE-2024-25979
The URL parameters accepted by forum search were not limited to the al ...
CVE-2024-25978
Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality.
CVE-2024-25978
Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality.
CVE-2024-25978
Insufficient file size checks resulted in a denial of service risk in ...
CVE-2024-1439
Inadequate access control in Moodle LMS. This vulnerability could allow a local user with a student role to create arbitrary events intended for users with higher roles. It could also allow the attacker to add events to the calendar of all users without their prior consent.
CVE-2024-1439
Inadequate access control in Moodle LMS. This vulnerability could allow a local user with a student role to create arbitrary events intended for users with higher roles. It could also allow the attacker to add events to the calendar of all users without their prior consent.
CVE-2024-1439
Inadequate access control in Moodle LMS. This vulnerability could allo ...
CVE-2023-5547
The course upload preview contained an XSS risk for users uploading unsafe data.
CVE-2023-5547
The course upload preview contained an XSS risk for users uploading unsafe data.
CVE-2023-5547
The course upload preview contained an XSS risk for users uploading un ...
CVE-2023-5546
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk.
CVE-2023-5546
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk.
CVE-2023-5546
ID numbers displayed in the quiz grading report required additional sa ...
CVE-2023-5544
Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk.
CVE-2023-5544
Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk.
CVE-2023-5544
Wiki comments required additional sanitizing and access restrictions t ...
CVE-2023-5541
The CSV grade import method contained an XSS risk for users importing the spreadsheet, if it contained unsafe content.
CVE-2023-5541
The CSV grade import method contained an XSS risk for users importing the spreadsheet, if it contained unsafe content.
CVE-2023-5541
The CSV grade import method contained an XSS risk for users importing ...
CVE-2023-46858
** DISPUTED ** Moodle 4.3 allows /grade/report/grader/index.php?searchvalue= reflected XSS when logged in as a teacher. NOTE: the Moodle Security FAQ link states "Some forms of rich content [are] used by teachers to enhance their courses ... admins and teachers can post XSS-capable content, but students can not."
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| CVE-2024-25979 The URL parameters accepted by forum search were not limited to the al ... | CVSS3: 5.3 | 0% Низкий | больше 1 года назад |
 | CVE-2024-25978 Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality. | CVSS3: 7.5 | 0% Низкий | больше 1 года назад |
 | CVE-2024-25978 Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality. | CVSS3: 7.5 | 0% Низкий | больше 1 года назад |
| CVE-2024-25978 Insufficient file size checks resulted in a denial of service risk in ... | CVSS3: 7.5 | 0% Низкий | больше 1 года назад |
| CVE-2024-1439 Inadequate access control in Moodle LMS. This vulnerability could allow a local user with a student role to create arbitrary events intended for users with higher roles. It could also allow the attacker to add events to the calendar of all users without their prior consent. | CVSS3: 6.5 | 0% Низкий | больше 1 года назад |
| CVE-2024-1439 Inadequate access control in Moodle LMS. This vulnerability could allow a local user with a student role to create arbitrary events intended for users with higher roles. It could also allow the attacker to add events to the calendar of all users without their prior consent. | CVSS3: 6.5 | 0% Низкий | больше 1 года назад |
| CVE-2024-1439 Inadequate access control in Moodle LMS. This vulnerability could allo ... | CVSS3: 6.5 | 0% Низкий | больше 1 года назад |
| CVE-2023-5547 The course upload preview contained an XSS risk for users uploading unsafe data. | CVSS3: 3.3 | 0% Низкий | больше 1 года назад |
| CVE-2023-5547 The course upload preview contained an XSS risk for users uploading unsafe data. | CVSS3: 3.3 | 0% Низкий | больше 1 года назад |
| CVE-2023-5547 The course upload preview contained an XSS risk for users uploading un ... | CVSS3: 3.3 | 0% Низкий | больше 1 года назад |
| CVE-2023-5546 ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. | CVSS3: 4.3 | 1% Низкий | больше 1 года назад |
| CVE-2023-5546 ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. | CVSS3: 4.3 | 1% Низкий | больше 1 года назад |
| CVE-2023-5546 ID numbers displayed in the quiz grading report required additional sa ... | CVSS3: 4.3 | 1% Низкий | больше 1 года назад |
| CVE-2023-5544 Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk. | CVSS3: 6.5 | 0% Низкий | больше 1 года назад |
| CVE-2023-5544 Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk. | CVSS3: 6.5 | 0% Низкий | больше 1 года назад |
| CVE-2023-5544 Wiki comments required additional sanitizing and access restrictions t ... | CVSS3: 6.5 | 0% Низкий | больше 1 года назад |
| CVE-2023-5541 The CSV grade import method contained an XSS risk for users importing the spreadsheet, if it contained unsafe content. | CVSS3: 3.3 | 0% Низкий | больше 1 года назад |
| CVE-2023-5541 The CSV grade import method contained an XSS risk for users importing the spreadsheet, if it contained unsafe content. | CVSS3: 3.3 | 0% Низкий | больше 1 года назад |
| CVE-2023-5541 The CSV grade import method contained an XSS risk for users importing ... | CVSS3: 3.3 | 0% Низкий | больше 1 года назад |
| CVE-2023-46858 ** DISPUTED ** Moodle 4.3 allows /grade/report/grader/index.php?searchvalue= reflected XSS when logged in as a teacher. NOTE: the Moodle Security FAQ link states "Some forms of rich content [are] used by teachers to enhance their courses ... admins and teachers can post XSS-capable content, but students can not." | CVSS3: 5.4 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу