Количество 2 643
Количество 2 643
CVE-2022-0985
Insufficient capability checks could allow users with the moodle/site:uploadusers capability to delete users, without having the necessary moodle/user:delete capability.
CVE-2022-0985
Insufficient capability checks could allow users with the moodle/site: ...
CVE-2022-0984
Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badges.
CVE-2022-0984
Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badges.
CVE-2022-0984
Users with the capability to configure badge criteria (teachers and ma ...
CVE-2022-0335
A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The "delete badge alignment" functionality did not include the necessary token check to prevent a CSRF risk.
CVE-2022-0335
A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The "delete badge alignment" functionality did not include the necessary token check to prevent a CSRF risk.
CVE-2022-0335
A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, ...
CVE-2022-0334
A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. Insufficient capability checks could lead to users accessing their grade report for courses where they did not have the required gradereport/user:view capability.
CVE-2022-0334
A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. Insufficient capability checks could lead to users accessing their grade report for courses where they did not have the required gradereport/user:view capability.
CVE-2022-0334
A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, ...
CVE-2022-0333
A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The calendar:manageentries capability allowed managers to access or modify any calendar event, but should have been restricted from accessing user level events.
CVE-2022-0333
A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The calendar:manageentries capability allowed managers to access or modify any calendar event, but should have been restricted from accessing user level events.
CVE-2022-0333
A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, ...
CVE-2022-0332
A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data.
CVE-2022-0332
A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data.
CVE-2022-0332
A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injectio ...
CVE-2021-40695
It was possible for a student to view their quiz grade before it had been released, using a quiz web service.
CVE-2021-40695
It was possible for a student to view their quiz grade before it had been released, using a quiz web service.
CVE-2021-40695
It was possible for a student to view their quiz grade before it had b ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-0985 Insufficient capability checks could allow users with the moodle/site:uploadusers capability to delete users, without having the necessary moodle/user:delete capability. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| CVE-2022-0985 Insufficient capability checks could allow users with the moodle/site: ... | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
 | CVE-2022-0984 Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badges. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| CVE-2022-0984 Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badges. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| CVE-2022-0984 Users with the capability to configure badge criteria (teachers and ma ... | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| CVE-2022-0335 A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The "delete badge alignment" functionality did not include the necessary token check to prevent a CSRF risk. | CVSS3: 8.8 | 0% Низкий | почти 4 года назад |
| CVE-2022-0335 A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The "delete badge alignment" functionality did not include the necessary token check to prevent a CSRF risk. | CVSS3: 8.8 | 0% Низкий | почти 4 года назад |
| CVE-2022-0335 A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, ... | CVSS3: 8.8 | 0% Низкий | почти 4 года назад |
| CVE-2022-0334 A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. Insufficient capability checks could lead to users accessing their grade report for courses where they did not have the required gradereport/user:view capability. | CVSS3: 4.3 | 0% Низкий | почти 4 года назад |
| CVE-2022-0334 A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. Insufficient capability checks could lead to users accessing their grade report for courses where they did not have the required gradereport/user:view capability. | CVSS3: 4.3 | 0% Низкий | почти 4 года назад |
| CVE-2022-0334 A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, ... | CVSS3: 4.3 | 0% Низкий | почти 4 года назад |
| CVE-2022-0333 A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The calendar:manageentries capability allowed managers to access or modify any calendar event, but should have been restricted from accessing user level events. | CVSS3: 3.8 | 0% Низкий | почти 4 года назад |
| CVE-2022-0333 A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The calendar:manageentries capability allowed managers to access or modify any calendar event, but should have been restricted from accessing user level events. | CVSS3: 3.8 | 0% Низкий | почти 4 года назад |
| CVE-2022-0333 A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, ... | CVSS3: 3.8 | 0% Низкий | почти 4 года назад |
| CVE-2022-0332 A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data. | CVSS3: 9.8 | 3% Низкий | почти 4 года назад |
| CVE-2022-0332 A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data. | CVSS3: 9.8 | 3% Низкий | почти 4 года назад |
| CVE-2022-0332 A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injectio ... | CVSS3: 9.8 | 3% Низкий | почти 4 года назад |
| CVE-2021-40695 It was possible for a student to view their quiz grade before it had been released, using a quiz web service. | CVSS3: 4.3 | 0% Низкий | около 3 лет назад |
| CVE-2021-40695 It was possible for a student to view their quiz grade before it had been released, using a quiz web service. | CVSS3: 4.3 | 0% Низкий | около 3 лет назад |
| CVE-2021-40695 It was possible for a student to view their quiz grade before it had b ... | CVSS3: 4.3 | 0% Низкий | около 3 лет назад |
Уязвимостей на страницу