Количество 2 470
Количество 2 470
CVE-2021-20283
The web service responsible for fetching other users' enrolled courses did not validate that the requesting user had permission to view that information in each course in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
CVE-2021-20283
The web service responsible for fetching other users' enrolled courses ...
CVE-2021-20282
When creating a user account, it was possible to verify the account without having access to the verification email link/secret in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
CVE-2021-20282
When creating a user account, it was possible to verify the account without having access to the verification email link/secret in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
CVE-2021-20282
When creating a user account, it was possible to verify the account wi ...
CVE-2021-20281
It was possible for some users without permission to view other users' full names to do so via the online users block in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
CVE-2021-20281
It was possible for some users without permission to view other users' full names to do so via the online users block in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
CVE-2021-20281
It was possible for some users without permission to view other users' ...
CVE-2021-20280
Text-based feedback answers required additional sanitizing to prevent stored XSS and blind SSRF risks in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
CVE-2021-20280
Text-based feedback answers required additional sanitizing to prevent stored XSS and blind SSRF risks in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
CVE-2021-20280
Text-based feedback answers required additional sanitizing to prevent ...
CVE-2021-20279
The ID number user profile field required additional sanitizing to prevent a stored XSS risk in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
CVE-2021-20279
The ID number user profile field required additional sanitizing to prevent a stored XSS risk in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
CVE-2021-20279
The ID number user profile field required additional sanitizing to pre ...
CVE-2021-20187
It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication.
CVE-2021-20187
It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication.
CVE-2021-20187
It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 ...
CVE-2021-20186
It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that if the TeX notation filter was enabled, additional sanitizing of TeX content was required to prevent the risk of stored XSS.
CVE-2021-20186
It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that if the TeX notation filter was enabled, additional sanitizing of TeX content was required to prevent the risk of stored XSS.
CVE-2021-20186
It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-20283 The web service responsible for fetching other users' enrolled courses did not validate that the requesting user had permission to view that information in each course in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17. | CVSS3: 4.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-20283 The web service responsible for fetching other users' enrolled courses ... | CVSS3: 4.3 | 0% Низкий | больше 4 лет назад |
 | CVE-2021-20282 When creating a user account, it was possible to verify the account without having access to the verification email link/secret in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17. | CVSS3: 5.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-20282 When creating a user account, it was possible to verify the account without having access to the verification email link/secret in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17. | CVSS3: 5.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-20282 When creating a user account, it was possible to verify the account wi ... | CVSS3: 5.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-20281 It was possible for some users without permission to view other users' full names to do so via the online users block in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17. | CVSS3: 5.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-20281 It was possible for some users without permission to view other users' full names to do so via the online users block in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17. | CVSS3: 5.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-20281 It was possible for some users without permission to view other users' ... | CVSS3: 5.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-20280 Text-based feedback answers required additional sanitizing to prevent stored XSS and blind SSRF risks in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17. | CVSS3: 5.4 | 1% Низкий | больше 4 лет назад |
| CVE-2021-20280 Text-based feedback answers required additional sanitizing to prevent stored XSS and blind SSRF risks in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17. | CVSS3: 5.4 | 1% Низкий | больше 4 лет назад |
| CVE-2021-20280 Text-based feedback answers required additional sanitizing to prevent ... | CVSS3: 5.4 | 1% Низкий | больше 4 лет назад |
| CVE-2021-20279 The ID number user profile field required additional sanitizing to prevent a stored XSS risk in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17. | CVSS3: 5.4 | 1% Низкий | больше 4 лет назад |
| CVE-2021-20279 The ID number user profile field required additional sanitizing to prevent a stored XSS risk in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17. | CVSS3: 5.4 | 1% Низкий | больше 4 лет назад |
| CVE-2021-20279 The ID number user profile field required additional sanitizing to pre ... | CVSS3: 5.4 | 1% Низкий | больше 4 лет назад |
| CVE-2021-20187 It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication. | CVSS3: 7.2 | 1% Низкий | больше 4 лет назад |
| CVE-2021-20187 It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication. | CVSS3: 7.2 | 1% Низкий | больше 4 лет назад |
| CVE-2021-20187 It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 ... | CVSS3: 7.2 | 1% Низкий | больше 4 лет назад |
| CVE-2021-20186 It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that if the TeX notation filter was enabled, additional sanitizing of TeX content was required to prevent the risk of stored XSS. | CVSS3: 5.4 | 1% Низкий | больше 4 лет назад |
| CVE-2021-20186 It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that if the TeX notation filter was enabled, additional sanitizing of TeX content was required to prevent the risk of stored XSS. | CVSS3: 5.4 | 1% Низкий | больше 4 лет назад |
| CVE-2021-20186 It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 ... | CVSS3: 5.4 | 1% Низкий | больше 4 лет назад |
Уязвимостей на страницу