Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-28332
If the algebra filter was enabled but not functional (eg the necessary binaries were missing from the server), it presented an XSS risk.
Moodle Moodle 4.0.0
Moodle Moodle 3.9.0
Moodle Moodle 4.1.0
Moodle Moodle 3.11.0
Moodle Moodle
Moodle Moodle 4.1.1
6.1
CVSSv3
CVE-2023-23922
The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnera...
Moodle Moodle 4.1.0
Moodle Moodle
6.1
CVSSv3
CVE-2023-23921
The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in some returnurl parameters. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in cont...
Moodle Moodle 4.1.0
Moodle Moodle
6.1
CVSSv3
CVE-2022-39183
Moodle Plugin - SAML Auth may allow Open Redirect through unspecified vectors.
Moodle Saml Authentication -
6.1
CVSSv3
CVE-2022-45150
A reflected cross-site scripting vulnerability exists in Moodle. This flaw exists due to insufficient sanitization of user-supplied data in policy tool. An attacker can trick the victim to open a specially crafted link that executes an arbitrary HTML and script code in user'...
Moodle Moodle
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
6.1
CVSSv3
CVE-2020-14320
In Moodle prior to 3.9.1, 3.8.4 and 3.7.7, the filter in the admin task log required extra sanitizing to prevent a reflected XSS risk.
Moodle Moodle
Moodle Moodle 3.9.0
1 Github repository
6.1
CVSSv3
CVE-2022-35651
A stored XSS and blind SSRF vulnerability was found in Moodle, occurs due to insufficient sanitization of user-supplied data in the SCORM track details. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user...
Moodle Moodle 4.0.0
Moodle Moodle
Moodle Moodle 4.0.1
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
6.1
CVSSv3
CVE-2022-35652
An open redirect issue was found in Moodle due to improper sanitization of user-supplied data in mobile auto-login feature. A remote attacker can create a link that leads to a trusted website, however, when clicked, it redirects the victims to arbitrary URL/domain. Successful exp...
Moodle Moodle
Fedoraproject Fedora 35
Fedoraproject Fedora 36
6.1
CVSSv3
CVE-2022-35653
A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script cod...
Moodle Moodle 4.0.0
Moodle Moodle
Moodle Moodle 4.0.1
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Redhat Enterprise Linux 8.0
1 Github repository
6.1
CVSSv3
CVE-2021-32478
The redirect URI in the LTI authorization endpoint required extra sanitizing to prevent reflected XSS and open redirect risks. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8 and previous versions unsupported versions are affected.
Moodle Moodle
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »