Search CVE reports

Toggle filters

301 – 310 of 646 results

CVE-2017-2644

Medium priority
Ignored

In Moodle 3.x, XSS can occur via evidence of prior learning.

1 affected package

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moodle Not affected
Show less packages

CVE-2017-2643

Medium priority
Ignored

In Moodle 3.2.x, global search displays user names for unauthenticated users.

1 affected package

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moodle Not affected
Show less packages

CVE-2017-2641

Medium priority
Ignored

In Moodle 2.x and 3.x, SQL injection can occur via user preferences.

1 affected package

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moodle Not affected
Show less packages

CVE-2017-2578

Low priority
Vulnerable

In Moodle 3.x, there is XSS in the assignment submission page.

1 affected package

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moodle Not in release Not in release Not in release Vulnerable
Show less packages

CVE-2017-2576

Low priority
Vulnerable

In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums.

1 affected package

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moodle Not in release Not in release Not in release Vulnerable
Show less packages

CVE-2016-8644

Medium priority
Vulnerable

In Moodle 2.x and 3.x, the capability to view course notes is checked in the wrong context.

1 affected package

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moodle Not in release Not in release Not in release Vulnerable
Show less packages

CVE-2016-8643

Medium priority
Vulnerable

In Moodle 2.x and 3.x, non-admin site managers may accidentally edit admins via web services.

1 affected package

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moodle Not in release Not in release Not in release Vulnerable
Show less packages

CVE-2016-8642

Medium priority
Vulnerable

In Moodle 2.x and 3.x, the question engine allows access to files that should not be available.

1 affected package

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moodle Not in release Not in release Not in release Vulnerable
Show less packages

CVE-2016-7038

Low priority
Vulnerable

In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed.

1 affected package

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moodle Not in release Not in release Not in release Vulnerable
Show less packages

CVE-2016-5014

Low priority
Vulnerable

In Moodle 2.x and 3.x, an unenrolled user still receives event monitor notifications even though they can no longer access the course.

1 affected package

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moodle Not in release Not in release Not in release Vulnerable
Show less packages
  1. Previous page
  2. 29
  3. 30
  4. 31
  5. 32
  6. 33
  7. Next page
Export to JSON