Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-5539
A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers.
Moodle Moodle
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
8.8
CVSSv3
CVE-2023-5540
A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers.
Moodle Moodle
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
6.1
CVSSv3
CVE-2023-5541
The CSV grade import method contained an XSS risk for users importing the spreadsheet, if it contained unsafe content.
Moodle Moodle
4.3
CVSSv3
CVE-2023-5542
Students in "Only see own membership" groups could see other students in the group, which should be hidden.
Moodle Moodle 4.2.2
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
5.4
CVSSv3
CVE-2023-5544
Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk.
Moodle Moodle
Redhat Enterprise Linux 7.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
5.3
CVSSv3
CVE-2023-5545
H5P metadata automatically populated the author with the user's username, which could be sensitive information.
Moodle Moodle
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
5.4
CVSSv3
CVE-2023-5546
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk.
Moodle Moodle
Redhat Enterprise Linux 7.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
1 Github repository
5.3
CVSSv3
CVE-2023-5548
Stronger revision number limitations were required on file serving endpoints to improve cache poisoning protection.
Moodle Moodle
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
9.8
CVSSv3
CVE-2023-5550
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution.
Moodle Moodle
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
3.3
CVSSv3
CVE-2023-5551
Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups.
Moodle Moodle
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »