CVE-2019-14882
- EPSS 1.08%
- Veröffentlicht 18.03.2020 13:15:11
- Zuletzt bearbeitet 21.11.2024 04:27:36
A vulnerability was found in Moodle 3.7 to 3.7.3, 3.6 to 3.6.7, 3.5 to 3.5.9 and earlier where an open redirect existed in the Lesson edit page.
CVE-2020-1692
- EPSS 0.57%
- Veröffentlicht 17.02.2020 16:15:28
- Zuletzt bearbeitet 21.11.2024 05:11:10
Moodle before version 3.7.2 is vulnerable to information exposure of service tokens for users enrolled in the same course.
CVE-2019-18210
- EPSS 0.79%
- Veröffentlicht 11.02.2020 14:15:17
- Zuletzt bearbeitet 21.11.2024 04:32:50
Persistent XSS in /course/modedit.php of Moodle through 3.7.2 allows authenticated users (Teacher and above) to inject JavaScript into the session of another user (e.g., enrolled student or site administrator) via the introeditor[text] parameter. NOT...
CVE-2019-14879
- EPSS 0.71%
- Veröffentlicht 07.01.2020 17:15:11
- Zuletzt bearbeitet 21.11.2024 04:27:35
A vulnerability was found in Moodle versions 3.7.x before 3.7.3, 3.6.x before 3.6.7 and 3.5.x before 3.5.9. When a cohort role assignment was removed, the associated capabilities were not being revoked (where applicable).
CVE-2012-1170
- EPSS 0.91%
- Veröffentlicht 14.11.2019 17:15:13
- Zuletzt bearbeitet 21.11.2024 01:36:35
Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough
CVE-2012-1157
- EPSS 1.22%
- Veröffentlicht 14.11.2019 17:15:12
- Zuletzt bearbeitet 21.11.2024 01:36:33
Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default
CVE-2012-1158
- EPSS 1.39%
- Veröffentlicht 14.11.2019 17:15:12
- Zuletzt bearbeitet 21.11.2024 01:36:33
Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export
CVE-2012-1159
- EPSS 1.42%
- Veröffentlicht 14.11.2019 17:15:12
- Zuletzt bearbeitet 21.11.2024 01:36:33
Moodle before 2.2.2: Overview report allows users to see hidden courses
- EPSS 1.24%
- Veröffentlicht 14.11.2019 17:15:12
- Zuletzt bearbeitet 21.11.2024 01:36:33
Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php
CVE-2012-1161
- EPSS 1.39%
- Veröffentlicht 14.11.2019 17:15:12
- Zuletzt bearbeitet 21.11.2024 01:36:33
Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results