Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 4.0.0 vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2022-30597
A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field.
Moodle Moodle
Moodle Moodle 4.0.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
4.3
CVSSv3
CVE-2022-40208
In Moodle, insufficient limitations in some quiz web services made it possible for students to bypass sequential navigation during a quiz attempt.
Moodle Moodle 4.0.0
Moodle Moodle 3.9.0
Moodle Moodle 3.11.0
Moodle Moodle
4.3
CVSSv3
CVE-2023-1402
The course participation report required additional checks to prevent roles being displayed which the user did not have access to view.
Moodle Moodle 4.0.0
Moodle Moodle 3.9.0
Moodle Moodle 4.1.0
Moodle Moodle 3.11.0
Moodle Moodle
Moodle Moodle 4.1.1
4.3
CVSSv3
CVE-2023-28334
Authenticated users were able to enumerate other users' names via the learning plans page.
Moodle Moodle 4.0.0
Moodle Moodle 4.1.0
Moodle Moodle
Moodle Moodle 4.1.1
4.3
CVSSv3
CVE-2023-28336
Insufficient filtering of grade report history made it possible for teachers to access the names of users they could not otherwise access.
Moodle Moodle 4.0.0
Moodle Moodle 3.9.0
Moodle Moodle 4.1.0
Moodle Moodle 3.11.0
Moodle Moodle
Moodle Moodle 4.1.1
Fedoraproject Fedora 36
4.3
CVSSv3
CVE-2022-30598
A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it.
Moodle Moodle
Moodle Moodle 4.0.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2010-2479
Cross-site scripting (XSS) vulnerability in HTML Purifier prior to 4.1.1, as used in Mahara and other products, when the browser is Internet Explorer, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Htmlpurifier Htmlpurifier 2.0.1
Htmlpurifier Htmlpurifier 1.0.1
Htmlpurifier Htmlpurifier 1.1.2
Htmlpurifier Htmlpurifier 3.2.0
Htmlpurifier Htmlpurifier 2.1.3
Htmlpurifier Htmlpurifier 2.1.5
Htmlpurifier Htmlpurifier 2.1.1
Htmlpurifier Htmlpurifier 1.6.0
Htmlpurifier Htmlpurifier 1.2.0
Htmlpurifier Htmlpurifier 2.1.2
Htmlpurifier Htmlpurifier 2.1.4
Htmlpurifier Htmlpurifier 3.1.0
Htmlpurifier Htmlpurifier 2.1.0
Htmlpurifier Htmlpurifier 4.0.0
Htmlpurifier Htmlpurifier
Htmlpurifier Htmlpurifier 1.4.1
Htmlpurifier Htmlpurifier 3.3.0
Htmlpurifier Htmlpurifier 1.0.0
Htmlpurifier Htmlpurifier 3.1.1
Htmlpurifier Htmlpurifier 1.1.0
Htmlpurifier Htmlpurifier 2.0.0
Htmlpurifier Htmlpurifier 1.4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-6280
CVE-2024-5346
CVE-2024-30078
CVE-2022-45803
CVE-2024-36886
SQL
CVE-2024-24553
IMAP
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2