Filter
AND
-Infinity
0
Trending
Software
MoodleMoodle: xss risk when outputting database activity filter data
6.1
First published (updated )
MoodleIn Moodle, insufficient limitations in some quiz web services made it possible for students to bypas…
4.3
First published (updated )
composer/moodle/moodleMsa-24-0002: forum search accepted random parameters in its url
5.3
EPSS
0.04%
First published (updated )
composer/moodle/moodleMsa-24-0003: h5p attempts report did not respect activity group settings
5.3
EPSS
0.04%
First published (updated )
composer/moodle/moodleMsa-24-0004: forum export did not respect activity group settings
5.3
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/moodle/moodleMsa-24-0006: idor on dashboard comments block
5.3
EPSS
0.04%
First published (updated )
redhat/moodleMoodle: cache poisoning risk with endpoint revision numbers
5.3
First published (updated )
redhat/moodleMoodle: xss risk when previewing data in course upload tool
6.1
First published (updated )
MoodleMoodle: stored xss in quiz grading report via user id number
5.4
First published (updated )
redhat/moodleMoodle: insufficient capability checks when updating the parent of a course category
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/moodleMoodle: xss risk when using csv grade import method
6.1
First published (updated )
redhat/moodleMoodle: stored xss and potential idor risk in wiki comments
6.5
First published (updated )
redhat/moodleMoodle: auto-populated h5p author name causes a potential information leak
5.3
First published (updated )
composer/moodle/moodleMoodle: students can view other users in "only see own membership" groups
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MoodleInsufficient capability checks made it possible to fetch other users' calendar action events.
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/moodle/moodleA vulnerability was found in moodle before version 3.6.3. The get_with_capability_join and get_users…
4.3
First published (updated )
composer/moodle/moodleA vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. Links within ass…
6.1
First published (updated )
composer/moodle/moodleA vulnerability was found in moodle before versions 3.6.3 and 3.5.5. There was a link to site home w…
4.3
First published (updated )
composer/moodle/moodleA vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. Permissions were not cor…
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/moodle/moodleMoodle: idor when fetching report schedules
4.3
First published (updated )
composer/moodle/moodleMoodle: idor in edit/delete rss feed
6.5
First published (updated )
composer/moodle/moodleMoodle: users' names returned in messaging error message
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.