Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2021-36401
In Moodle, ID numbers exported in HTML data formats required additional sanitizing to prevent a local stored XSS risk.
Moodle Moodle
5.4
CVSSv3
CVE-2021-36399
In Moodle, ID numbers displayed in the quiz override screens required additional sanitizing to prevent a stored XSS risk.
Moodle Moodle 3.11.0
5.3
CVSSv3
CVE-2021-36397
In Moodle, insufficient capability checks meant message deletions were not limited to the current user.
Moodle Moodle
5.4
CVSSv3
CVE-2021-36398
In moodle, ID numbers displayed in the web service token list required additional sanitizing to prevent a stored XSS risk.
Moodle Moodle 3.11.0
9.8
CVSSv3
CVE-2021-36392
In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses.
Moodle Moodle
1 Github repository
7.5
CVSSv3
CVE-2021-36396
In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk.
Moodle Moodle
9.8
CVSSv3
CVE-2021-36393
In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses.
Moodle Moodle
2 Github repositories
9.8
CVSSv3
CVE-2021-36394
In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin.
Moodle Moodle
2 Github repositories
1 Article
7.5
CVSSv3
CVE-2021-36395
In Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service.
Moodle Moodle
6.1
CVSSv3
CVE-2023-23922
The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnera...
Moodle Moodle 4.1.0
Moodle Moodle
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »