Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-36398
In moodle, ID numbers displayed in the web service token list required additional sanitizing to prevent a stored XSS risk.
Moodle Moodle 3.11.0
5.3
CVSSv3
CVE-2021-36397
In Moodle, insufficient capability checks meant message deletions were not limited to the current user.
Moodle Moodle
5.4
CVSSv3
CVE-2021-36399
In Moodle, ID numbers displayed in the quiz override screens required additional sanitizing to prevent a stored XSS risk.
Moodle Moodle 3.11.0
5.3
CVSSv3
CVE-2021-36400
In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions.
Moodle Moodle
9.8
CVSSv3
CVE-2021-36392
In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses.
Moodle Moodle
1 Github repository
9.8
CVSSv3
CVE-2021-36393
In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses.
Moodle Moodle
2 Github repositories
9.8
CVSSv3
CVE-2021-36394
In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin.
Moodle Moodle
2 Github repositories
1 Article
7.5
CVSSv3
CVE-2021-36395
In Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service.
Moodle Moodle
7.5
CVSSv3
CVE-2021-36396
In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk.
Moodle Moodle
6.1
CVSSv3
CVE-2023-23921
The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in some returnurl parameters. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in cont...
Moodle Moodle 4.1.0
Moodle Moodle
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »