Search CVE reports
131 – 140 of 582 results
CVE-2022-0333
Medium priorityA flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The calendar:manageentries capability allowed managers to access or modify any calendar event, but should have...
1 affected packages
moodle
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
moodle | — | — | — | Needs evaluation | Needs evaluation |
CVE-2022-0332
Medium priorityA flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data.
1 affected packages
moodle
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
moodle | — | — | — | Needs evaluation | Needs evaluation |
CVE-2022-0323
Medium priorityImproper Neutralization of Special Elements Used in a Template Engine in Packagist mustache/mustache prior to 2.14.1.
1 affected packages
moodle
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
moodle | — | — | — | Needs evaluation | Needs evaluation |
CVE-2021-43560
Medium priorityA flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action events.
1 affected packages
moodle
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
moodle | — | — | — | Needs evaluation | Needs evaluation |
CVE-2021-43559
Medium priorityA flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. The "delete related badge" functionality did not include the necessary token check to prevent a CSRF risk.
1 affected packages
moodle
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
moodle | — | — | — | Needs evaluation | Needs evaluation |
CVE-2021-43558
Medium priorityA flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A URL parameter in the filetype site administrator tool required extra sanitizing to prevent a reflected XSS risk.
1 affected packages
moodle
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
moodle | — | — | — | Needs evaluation | Needs evaluation |
CVE-2021-3943
Medium priorityA flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A remote code execution risk when restoring backup files was identified.
1 affected packages
moodle
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
moodle | — | — | — | Needs evaluation | Needs evaluation |
CVE-2021-21809
Medium priorityA command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges...
1 affected packages
moodle
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
moodle | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
CVE-2021-32244
Medium priorityCross Site Scripting (XSS) in Moodle 3.10.3 allows remote attackers to execute arbitrary web script or HTML via the "Description" field.
1 affected packages
moodle
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
moodle | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
CVE-2019-14827
Medium priorityA vulnerability was found in Moodle where javaScript injection was possible in some Mustache templates via recursive rendering from contexts. Mustache helper tags that were included in template contexts were not being...
1 affected packages
moodle
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
moodle | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |