moodle

629 tracked vulnerabilities.

CVE-2020-25699 HIGH
Moodle 3.5.0-3.5.14, 3.7.0-3.7.8, 3.8.0-3.8.5, 3.9.0-3.9.2 - Incorrect Authorization in Course Restore
Nov 19, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-25698 HIGH
Moodle 3.5.0-3.5.14, 3.7.0-3.7.8, 3.8.0-3.8.5, 3.9.0-3.9.2 - Improper Access Control in Course Enrollment Restoration
Nov 19, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-10738 HIGH
Moodle 3.5-3.5.11, 3.6-3.6.9, 3.7-3.7.5, 3.8-3.8.2 - Remote Code Execution via SCORM Package Web Services
May 21, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-1692 HIGH
Moodle < 3.7.2 - Information Exposure of Service Tokens
Feb 17, 2020
CVSS 8.1
EPSS 0.00
CVE-2019-14827 MEDIUM
Moodle 3.5.0-3.5.7 - Cross-Site Scripting via Mustache Template Recursive Rendering
May 17, 2021
CVSS 6.1
EPSS 0.00
CVE-2019-14831 MEDIUM
Moodle 3.5.0-3.5.7 - Open Redirect via Forced Subscription Forum Link
Mar 19, 2021
CVSS 6.1
EPSS 0.00
CVE-2019-14830 MEDIUM
Moodle 3.5.0-3.5.7 - Open Redirect via Mobile Launch Endpoint
Mar 19, 2021
CVSS 6.1
EPSS 0.02
CVE-2019-14829 MEDIUM
Moodle <3.7.1-<3.6.5-<3.5.7 - Info Disclosure
Mar 19, 2021
CVSS 4.3
EPSS 0.00
CVE-2019-14828 MEDIUM
Moodle 3.5.0-3.5.7 - Improper Authorization in Course Creation
Mar 19, 2021
CVSS 4.3
EPSS 0.00
CVE-2019-14880 CRITICAL
Moodle 3.5-3.5.8, 3.6-3.6.6, 3.7-3.7.2 - Improper Authentication during OAuth 2 Sign-Up
Mar 31, 2020
CVSS 9.1
EPSS 0.00
CVE-2019-14884 MEDIUM
Moodle 3.5.0-3.5.8, 3.6.0-3.6.6, 3.7.0-3.7.2 - Reflected Cross-Site Scripting via Fatal Error Messages
Mar 18, 2020
CVSS 6.1
EPSS 0.00
CVE-2019-14883 MEDIUM
Moodle 3.6-3.6.6 and 3.7-3.7.2 - Missing Authorization for Inline Email Attachment Access
Mar 18, 2020
CVSS 5.3
EPSS 0.00
CVE-2019-14882 MEDIUM
Moodle 3.5.0-3.5.9, 3.6-3.6.7, 3.7-3.7.3 - Open Redirect in Lesson Edit Page
Mar 18, 2020
CVSS 6.1
EPSS 0.00
CVE-2019-14881 MEDIUM
moodle 3.7.0-3.7.2 - Reflected Cross-Site Scripting in Email Display
Mar 18, 2020
CVSS 6.1
EPSS 0.01
CVE-2019-18210 MEDIUM
Moodle < 3.7.2 - Authenticated Stored Cross-Site Scripting via introeditor[text] Parameter
Feb 11, 2020
CVSS 5.4
EPSS 0.00
CVE-2019-14879 MEDIUM
Moodle <3.7.3, <3.6.7, <3.5.9 - Privilege Escalation
Jan 07, 2020
CVSS 5.4
EPSS 0.00
CVE-2019-10189 MEDIUM
Moodle <3.7.1-3.5.7 - Privilege Escalation
Jul 31, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-10188 MEDIUM
Moodle <3.7.1-3.5.7 - Privilege Escalation
Jul 31, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-10187 MEDIUM
Moodle <3.7.1-3.5.7 - Privilege Escalation
Jul 31, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-10186 HIGH
moodle < 3.5.7, 3.7.0-3.7.1 - Cross-Site Request Forgery in XML Loading/Unloading Admin Tool
Jul 31, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10154 HIGH
Moodle <3.7-3.6.4 - Info Disclosure
Jun 26, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-10134 LOW
Moodle <3.7-3.1.18 - Info Disclosure
Jun 26, 2019
CVSS 3.7
EPSS 0.00
CVE-2019-10133 LOW
Moodle 3.1.0-3.1.17, 3.6.0-3.6.4 - Open Redirect via Cohort Upload Form
Jun 26, 2019
CVSS 3.1
EPSS 0.00
CVE-2019-3847 MEDIUM
moodle < 3.1.17 and 3.6.0-3.6.3 - Stored Cross-Site Scripting in Dashboard JavaScript
Mar 27, 2019
CVSS 4.8
EPSS 0.01
CVE-2019-3852 MEDIUM
moodle < 3.6.3 - Incorrect Capability Check via Context Freezing Bypass
Mar 26, 2019
CVSS 4.3
EPSS 0.00
Products
moodle 624 Jmol Plugin 2 Moodle LMS 1 saml_authentication 1 virtual_programming_lab 1
Quick Filters
Critical CVEs With Exploits In CISA KEV