Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-5541
The CSV grade import method contained an XSS risk for users importing the spreadsheet, if it contained unsafe content.
Moodle Moodle
4.3
CVSSv3
CVE-2023-5542
Students in "Only see own membership" groups could see other students in the group, which should be hidden.
Moodle Moodle 4.2.2
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
5.4
CVSSv3
CVE-2023-5544
Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk.
Moodle Moodle
Redhat Enterprise Linux 7.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
5.3
CVSSv3
CVE-2023-5545
H5P metadata automatically populated the author with the user's username, which could be sensitive information.
Moodle Moodle
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
5.4
CVSSv3
CVE-2023-5546
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk.
Moodle Moodle
Redhat Enterprise Linux 7.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
1 Github repository
6.1
CVSSv3
CVE-2023-5547
The course upload preview contained an XSS risk for users uploading unsafe data.
Moodle Moodle
Redhat Enterprise Linux 7.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
5.3
CVSSv3
CVE-2023-5548
Stronger revision number limitations were required on file serving endpoints to improve cache poisoning protection.
Moodle Moodle
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
5.3
CVSSv3
CVE-2023-5549
Insufficient web service capability checks made it possible to move categories a user had permission to manage, to a parent category they did not have the capability to manage.
Moodle Moodle
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
9.8
CVSSv3
CVE-2023-5550
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution.
Moodle Moodle
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
3.3
CVSSv3
CVE-2023-5551
Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups.
Moodle Moodle
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »