Latest Moodle Vulnerabilities

CVE-2023-46858
Moodle 4.3 allows /grade/report/grader/index.php?searchvalue= reflected XSS when logged in as a teacher. NOTE: the Moodle Security FAQ link states "Some forms of rich content [are] used by teachers to...
=4.3.0
CVE-2023-5551
Moodle: forum summary report shows students from other groups when in separate groups mode
redhat/moodle<4.2.3
redhat/moodle<4.1.6
redhat/moodle<4.0.11
redhat/moodle<3.11.17
redhat/moodle<3.9.24
Moodle Moodle<3.9.24
and 12 more
CVE-2023-5550
Moodle: rce due to lfi risk in some misconfigured shared hosting environments
redhat/moodle<4.2.3
redhat/moodle<4.1.6
redhat/moodle<4.0.11
redhat/moodle<3.11.17
redhat/moodle<3.9.24
Moodle Moodle<3.9.24
and 12 more
CVE-2023-5549
Moodle: insufficient capability checks when updating the parent of a course category
redhat/moodle<4.2.3
redhat/moodle<4.1.6
redhat/moodle<4.0.11
redhat/moodle<3.11.17
redhat/moodle<3.9.24
Moodle Moodle<3.9.24
and 7 more
CVE-2023-5548
Moodle: cache poisoning risk with endpoint revision numbers
redhat/moodle<4.2.3
redhat/moodle<4.1.6
redhat/moodle<4.0.11
redhat/moodle<3.11.17
redhat/moodle<3.9.24
Moodle Moodle<3.9.24
and 7 more
CVE-2023-5547
Moodle: xss risk when previewing data in course upload tool
redhat/moodle<4.2.3
redhat/moodle<4.1.6
redhat/moodle<4.0.11
redhat/moodle<3.11.17
redhat/moodle<3.9.24
Moodle Moodle>=3.9.0<3.9.24
and 9 more
CVE-2023-5546
Moodle: stored xss in quiz grading report via user id number
redhat/moodle<4.2.3
redhat/4.1.6 and<4.0.11
Moodle Moodle>=4.0.0<4.0.11
Moodle Moodle>=4.1.0<4.1.6
Moodle Moodle>=4.2.0<4.2.3
Redhat Enterprise Linux=7.0
and 4 more
CVE-2023-5545
Moodle: auto-populated h5p author name causes a potential information leak
redhat/moodle<4.2.3
redhat/moodle<4.1.6
redhat/moodle<4.0.11
redhat/moodle<3.11.17
redhat/moodle<3.9.24
Moodle Moodle<3.9.24
and 7 more
CVE-2023-5544
Moodle: stored xss and potential idor risk in wiki comments
redhat/moodle<4.2.3
redhat/moodle<4.1.6
redhat/moodle<4.0.11
redhat/moodle<3.11.17
redhat/moodle<3.9.24
Moodle Moodle>=3.9.0<3.9.24
and 9 more
CVE-2023-5543
Moodle: duplicating a bigbluebutton activity assigns the same meeting id
redhat/moodle<4.2.3
redhat/moodle<4.1.6
redhat/moodle<4.0.11
Moodle Moodle>=4.0.0<4.0.11
Moodle Moodle>=4.1.0<4.1.6
Moodle Moodle>=4.2.0<4.2.3
and 2 more
CVE-2023-5542
Moodle: students can view other users in "only see own membership" groups
redhat/moodle<4.2.3
Moodle Moodle=4.2.2
Fedoraproject Extra Packages For Enterprise Linux=7.0
Fedoraproject Fedora=38
composer/moodle/moodle<4.3.0-rc2
CVE-2023-5541
Moodle: xss risk when using csv grade import method
redhat/moodle<4.2.3
redhat/moodle<4.1.6
redhat/moodle<4.0.11
redhat/moodle<3.11.17
redhat/moodle<3.9.24
Moodle Moodle>=3.9.0<3.9.24
and 5 more
CVE-2023-5540
Moodle: authenticated remote code execution risk in imscp
redhat/moodle<4.2.3
redhat/moodle<4.1.6
redhat/moodle<4.0.11
redhat/moodle<3.11.17
redhat/moodle<3.9.24
Moodle Moodle<3.9.24
and 7 more
CVE-2023-5539
Moodle: authenticated remote code execution risk in lesson
redhat/moodle<4.2.3
redhat/moodle<4.1.6
redhat/moodle<4.0.11
redhat/moodle<3.11.17
redhat/moodle<3.9.24
composer/moodle/moodle<4.3.0-rc2
and 7 more
CVE-2023-35133
Moodle: ssrf risk due to insufficient check on the curl blocked hosts
Moodle Moodle<3.9.22
Moodle Moodle>=3.11.0<3.11.15
Moodle Moodle>=4.0.0<4.0.9
Moodle Moodle>=4.1.0<4.1.4
Moodle Moodle=4.2.0
composer/moodle/moodle<3.9.22
and 14 more
CVE-2023-35132
Moodle: minor sql injection risk on mnet sso access control page
Moodle Moodle<3.9.22
Moodle Moodle>=3.11.0<3.11.15
Moodle Moodle>=4.0.0<4.0.9
Moodle Moodle>=4.1.0<4.1.4
Moodle Moodle=4.2.0
composer/moodle/moodle<3.9.22
and 14 more
CVE-2023-35131
Moodle: xss risk on groups page
Moodle Moodle>=3.11.0<3.11.15
Moodle Moodle>=4.0.0<4.0.9
Moodle Moodle>=4.1.0<4.1.4
Moodle Moodle=4.2.0
composer/moodle/moodle<3.11.15
composer/moodle/moodle>=4.0.0<4.0.9
and 10 more
CVE-2021-27131
** DISPUTED ** Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to the improper input sanitization on the "Additional HTML Section" via "Header and Footer" parameter in ...
Moodle Moodle=3.10.1
composer/moodle/moodle<=3.10.1
=3.10.1
CVE-2023-30944
Moodle: minor sql injection risk in external wiki method for listing pages
Moodle Moodle>=3.9.0<3.9.21
Moodle Moodle>=3.11.0<3.11.14
Moodle Moodle>=4.0.0<4.0.8
Moodle Moodle>=4.1.0<4.1.3
Fedoraproject Extra Packages For Enterprise Linux=7.0
Fedoraproject Fedora=36
and 15 more
CVE-2023-30943
Moodle: tinymce loaders susceptible to arbitrary folder creation
Moodle Moodle>=4.1.0<4.1.3
Fedoraproject Extra Packages For Enterprise Linux=7.0
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Fedoraproject Fedora=38
composer/moodle/moodle<4.2.0-rc2
and 6 more
CVE-2022-40208
In Moodle, insufficient limitations in some quiz web services made it possible for students to bypass sequential navigation during a quiz attempt.
Moodle Moodle>3.9.0<3.9.16
Moodle Moodle>3.11.0<3.11.9
Moodle Moodle>4.0.0<4.0.3
Moodle Moodle=3.9.0
Moodle Moodle=3.11.0
Moodle Moodle=4.0.0
CVE-2023-1402
Moodle: course participation report shows roles the user should not see
Moodle Moodle>3.9.0<3.9.20
Moodle Moodle>3.11.0<3.11.13
Moodle Moodle>4.0.0<4.0.7
Moodle Moodle=3.9.0
Moodle Moodle=3.11.0
Moodle Moodle=4.0.0
and 10 more
CVE-2023-28336
Moodle: teacher can access names of users they do not have permission to access
Moodle Moodle>3.9.0<3.9.20
Moodle Moodle>3.11.0<3.11.13
Moodle Moodle>4.0.0<4.0.7
Moodle Moodle=3.9.0
Moodle Moodle=3.11.0
Moodle Moodle=4.0.0
and 11 more
CVE-2023-28335
Moodle: csrf risk in resetting all templates of a database activity
Moodle Moodle=4.1.0
Moodle Moodle=4.1.1
redhat/moodle<4.1.2
composer/moodle/moodle>=4.1.0<4.1.2
CVE-2023-28334
Moodle: users' name enumeration possible via idor on learning plans page
Moodle Moodle>4.0.0<4.0.7
Moodle Moodle=4.0.0
Moodle Moodle=4.1.0
Moodle Moodle=4.1.1
redhat/moodle<4.1.2
redhat/moodle<4.0.7
and 4 more
CVE-2023-28333
Moodle: pix helper potential mustache code injection risk
Moodle Moodle>3.9.0<3.9.20
Moodle Moodle>3.11.0<3.11.13
Moodle Moodle>4.0.0<4.0.7
Moodle Moodle=3.9.0
Moodle Moodle=3.11.0
Moodle Moodle=4.0.0
and 11 more
CVE-2023-28332
Moodle: algebra filter xss when filter is misconfigured
Moodle Moodle>3.9.0<3.9.20
Moodle Moodle>3.11.0<3.11.13
Moodle Moodle>4.0.0<4.0.7
Moodle Moodle=3.9.0
Moodle Moodle=3.11.0
Moodle Moodle=4.0.0
and 10 more
CVE-2023-28331
Moodle: xss risk when outputting database activity filter data
Moodle Moodle>3.9.0<3.9.20
Moodle Moodle>3.11.0<3.11.13
Moodle Moodle>4.0.0<4.0.7
Moodle Moodle=3.9.0
Moodle Moodle=3.11.0
Moodle Moodle=4.0.0
and 10 more
CVE-2023-28330
Moodle: authenticated arbitrary file read through malformed backup file
Moodle Moodle>3.9.0<3.9.20
Moodle Moodle>3.11.0<3.11.13
Moodle Moodle>4.0.0<4.0.7
Moodle Moodle=3.9.0
Moodle Moodle=3.11.0
Moodle Moodle=4.0.0
and 10 more
CVE-2023-28329
Moodle: authenticated sql injection via availability check
Moodle Moodle>3.9.0<3.9.20
Moodle Moodle>3.11.0<3.11.13
Moodle Moodle>4.0.0<4.0.7
Moodle Moodle=3.9.0
Moodle Moodle=3.11.0
Moodle Moodle=4.0.0
and 10 more
CVE-2021-36402
In Moodle, Users' names required additional sanitizing in the account confirmation email, to prevent a self-registration phishing risk.
Moodle Moodle<3.9.8
Moodle Moodle>=3.10.0<3.10.5
Moodle Moodle>=3.11.0<3.11.1
CVE-2021-36403
In Moodle, in some circumstances, email notifications of messages could have the link back to the original message hidden by HTML, which may pose a phishing risk.
Moodle Moodle<3.9.8
Moodle Moodle>=3.10.0<3.10.5
Moodle Moodle>=3.11.0<3.11.1
CVE-2021-36399
In Moodle, ID numbers displayed in the quiz override screens required additional sanitizing to prevent a stored XSS risk.
Moodle Moodle=3.11.0
CVE-2021-36400
In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions.
Moodle Moodle<3.9.8
Moodle Moodle>=3.10.0<3.10.5
Moodle Moodle>=3.11.0<3.11.1
CVE-2021-36398
In moodle, ID numbers displayed in the web service token list required additional sanitizing to prevent a stored XSS risk.
Moodle Moodle=3.11.0
CVE-2021-36397
In Moodle, insufficient capability checks meant message deletions were not limited to the current user.
Moodle Moodle<3.9.8
Moodle Moodle>=3.10.0<3.10.5
Moodle Moodle>=3.11.0<3.11.1
CVE-2021-36401
In Moodle, ID numbers exported in HTML data formats required additional sanitizing to prevent a local stored XSS risk.
Moodle Moodle<3.9.8
Moodle Moodle>=3.10.0<3.10.5
Moodle Moodle>=3.11.0<3.11.1
CVE-2021-36395
In Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service.
Moodle Moodle<3.9.8
Moodle Moodle>=3.10.0<3.10.5
Moodle Moodle>=3.11.0<3.11.1
CVE-2021-36396
In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk.
Moodle Moodle<3.9.8
Moodle Moodle>=3.10.0<3.10.5
Moodle Moodle>=3.11.0<3.11.1
CVE-2021-36394
In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin.
Moodle Moodle<3.9.8
Moodle Moodle>=3.10.0<3.10.5
Moodle Moodle>=3.11.0<3.11.1
CVE-2021-36393
In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses.
Moodle Moodle<3.9.8
Moodle Moodle>=3.10.0<3.10.5
Moodle Moodle>=3.11.0<3.11.1
CVE-2021-36392
In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses.
Moodle Moodle<3.9.8
Moodle Moodle>=3.10.0<3.10.5
Moodle Moodle>=3.11.0<3.11.1
CVE-2023-23923
Moodle: possible to set the preferred "start page" of other users
Moodle Moodle>=3.9.0<3.9.19
Moodle Moodle>=3.11.0<3.11.12
Moodle Moodle>=4.0.0<4.0.6
Moodle Moodle=4.1.0
redhat/moodle<4.1.1
redhat/moodle<4.0.6
and 2 more
CVE-2023-23922
Moodle: reflected xss risk in blog search
Moodle Moodle>=4.0.0<4.0.6
Moodle Moodle=4.1.0
redhat/moodle<4.1.1
redhat/moodle<4.0.6
CVE-2023-23921
Moodle: reflected xss risk in some returnurl parameters
Moodle Moodle>=3.9.0<3.9.19
Moodle Moodle>=3.11.0<3.11.12
Moodle Moodle>=4.0.0<4.0.6
Moodle Moodle=4.1.0
redhat/moodle<4.1.1
redhat/moodle<4.0.6
and 2 more
CVE-2022-45151
MSA-22-0031: Stored XSS possible in some "social" user profile fields The "social" user profile field type performed insufficient escaping on some fields, resulting in a stored XSS risk. Versions af...
Moodle Moodle>=3.11.0<3.11.11
Moodle Moodle>=4.0.0<4.0.5
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
composer/moodle/moodle>=4.0<4.0.5
and 8 more
CVE-2022-45152
A blind Server-Side Request Forgery (SSRF) vulnerability was found in Moodle. This flaw exists due to insufficient validation of user-supplied input in LTI provider library. The library does not utili...
Moodle Moodle<3.9.18
Moodle Moodle>=3.11.0<3.11.11
Moodle Moodle>=4.0.0<4.0.5
Fedoraproject Extra Packages For Enterprise Linux=7.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
and 14 more
CVE-2022-45149
A vulnerability was found in Moodle which exists due to insufficient validation of the HTTP request origin in course redirect URL. A user's CSRF token was unnecessarily included in the URL when being ...
Moodle Moodle>=3.9.0<3.9.18
Moodle Moodle>=3.11.0<3.11.11
Moodle Moodle>=4.0.0<4.0.5
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
and 3 more
CVE-2022-45150
A reflected cross-site scripting vulnerability was discovered in Moodle. This flaw exists due to insufficient sanitization of user-supplied data in policy tool. An attacker can trick the victim to ope...
Moodle Moodle>=3.9.0<3.9.18
Moodle Moodle>=3.11.0<3.11.11
Moodle Moodle>=4.0.0<4.0.5
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
and 12 more
CVE-2022-40316
Severity/Risk: Minor Versions affected: 4.0 to 4.0.3, 3.11 to 3.11.9, 3.9 to 3.9.16 and earlier unsupported versions Versions fixed: 4.0.4, 3.11.10 and 3.9.17 Reported by: Jari Vilkman and Bjørn T...
Moodle Moodle>=3.9.0<3.9.17
Moodle Moodle>=3.11.0<3.11.10
Moodle Moodle>=4.0.0<4.0.4
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
and 9 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203