Search CVE reports
291 – 300 of 637 results
In Moodle 3.x, XSS can occur via attachments to evidence of prior learning.
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | — | — | — | Not affected |
In Moodle 3.x, XSS can occur via evidence of prior learning.
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | — | — | — | Not affected |
In Moodle 3.2.x, global search displays user names for unauthenticated users.
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | — | — | — | Not affected |
In Moodle 2.x and 3.x, SQL injection can occur via user preferences.
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | — | — | — | Not affected |
In Moodle 3.x, there is XSS in the assignment submission page.
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | Not in release | Not in release | Not in release | Vulnerable |
In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums.
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | Not in release | Not in release | Not in release | Vulnerable |
In Moodle 2.x and 3.x, the capability to view course notes is checked in the wrong context.
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | Not in release | Not in release | Not in release | Vulnerable |
In Moodle 2.x and 3.x, non-admin site managers may accidentally edit admins via web services.
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | Not in release | Not in release | Not in release | Vulnerable |
In Moodle 2.x and 3.x, the question engine allows access to files that should not be available.
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | Not in release | Not in release | Not in release | Vulnerable |
In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed.
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | Not in release | Not in release | Not in release | Vulnerable |