Filter
AND
AND

MoodleInput Validation

medium
5.3
First published (updated )
CVE-2021-36402

MoodleIn Moodle, insufficient capability checks meant message deletions were not limited to the current us…

medium
5.3
First published (updated )
CVE-2021-36397

MoodleIn Moodle, the file repository's URL parsing required additional recursion handling to mitigate the …

high
7.5
First published (updated )
CVE-2021-36395

MoodleIn Moodle, in some circumstances, email notifications of messages could have the link back to the or…

medium
5.3
First published (updated )
CVE-2021-36403

MoodleSQL Injection

critical
9.8
First published (updated )
CVE-2021-36392

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

MoodleSQL Injection

critical
9.8
First published (updated )
CVE-2021-36393

MoodleSSRF

high
7.5
First published (updated )
CVE-2021-36396

MoodleIn Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin.

critical
9.8
First published (updated )
CVE-2021-36394

MoodleXSS

medium
4.8
First published (updated )
CVE-2021-36401

MoodleIn Moodle, insufficient capability checks made it possible to remove other users' calendar URL subsc…

medium
5.3
First published (updated )
CVE-2021-36400

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

composer/moodle/moodleInsufficient capability checks could allow users with the moodle/site:uploadusers capability to dele…

medium
4.3
First published (updated )
CVE-2022-0985

redhat/moodleSQL Injection

high
8.8
First published (updated )
CVE-2022-0983

redhat/moodleUsers with the capability to configure badge criteria (teachers and managers by default) were able t…

medium
4.3
First published (updated )
CVE-2022-0984

composer/moodle/moodleSQL Injection

high
7.2
First published (updated )
CVE-2021-32474

composer/moodle/moodleInfoleak

medium
5.3
First published (updated )
CVE-2021-32473

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

composer/moodle/moodleXSS, OS Command Injection

medium
5.4
First published (updated )
CVE-2021-32475

composer/moodle/moodleInfoleak

medium
4.3
First published (updated )
CVE-2021-32477

composer/moodle/moodleA denial-of-service risk was identified in the draft files area, due to it not respecting user file …

high
7.5
First published (updated )
CVE-2021-32476

MoodleXSS

medium
6.1
First published (updated )
CVE-2021-32478

composer/moodle/moodleInfoleak

medium
4.3
First published (updated )
CVE-2021-32472

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

MoodleCSRF

high
8.8
First published (updated )
CVE-2022-0335

MoodleInsufficient capability checks could lead to users accessing their grade report for courses where th…

medium
4.3
First published (updated )
CVE-2022-0334

MoodleThe calendar:manageentries capability allowed managers to access or modify any calendar event, but s…

medium
5.5
First published (updated )
CVE-2022-0333

composer/moodle/moodleInfoleak

medium
4.3
First published (updated )
CVE-2021-40695

composer/moodle/moodleInsufficient escaping of the LaTeX preamble made it possible for site administrators to read files a…

medium
4.9
First published (updated )
CVE-2021-40694

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

composer/moodle/moodleAn authentication bypass risk was identified in the external database authentication functionality, …

medium
6.5
First published (updated )
CVE-2021-40693

composer/moodle/moodleInsufficient capability checks made it possible for teachers to download users outside of their cour…

medium
4.3
First published (updated )
CVE-2021-40692

composer/moodle/moodleA session hijack risk was identified in the Shibboleth authentication plugin.

medium
4.3
First published (updated )
CVE-2021-40691

MoodleInput Validation

critical
9.8
First published (updated )
CVE-2021-3943

MoodleInsufficient capability checks made it possible to fetch other users' calendar action events.

medium
5.3
First published (updated )
CVE-2021-43560

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203