moodle

629 tracked vulnerabilities.

CVE-2017-15110 MEDIUM
Moodle 3.x - Unauthorized Email Address Exposure via Participants Page Search
Nov 20, 2017
CVSS 4.3
EPSS 0.00
CVE-2017-12157 MEDIUM
Moodle 3.x - Unauthorized Exposure of Sensitive Information via Course Reports
Sep 18, 2017
CVSS 4.3
EPSS 0.00
CVE-2017-12156 MEDIUM
Moodle 3.x - Stored Cross-Site Scripting in Non-Respondents Contact Form
Sep 18, 2017
CVSS 6.1
EPSS 0.00
CVE-2017-7532 MEDIUM
Moodle 3.3.0 - Improper Privilege Management
Jul 17, 2017
CVSS 6.5
EPSS 0.00
CVE-2017-7531 MEDIUM
Moodle < 3.3.1 - Unauthorized Exposure of Hidden Course Activities
Jul 17, 2017
CVSS 4.3
EPSS 0.00
CVE-2017-2642 MEDIUM
Moodle 3.1-3.1.6 - Exposure of Sensitive Information via User Preferences Page
Jul 17, 2017
CVSS 6.5
EPSS 0.00
CVE-2017-7491 MEDIUM
Moodle 2.x and 3.x - Cross-Site Request Forgery
May 15, 2017
CVSS 4.3
EPSS 0.00
CVE-2017-7490 MEDIUM
Moodle 2.x and 3.x - Unauthenticated Arbitrary Blog Search via Missing Capability Check
May 15, 2017
CVSS 5.3
EPSS 0.00
CVE-2017-7489 MEDIUM
Moodle 2.x-3.x - Privilege Escalation
May 15, 2017
CVSS 6.3
EPSS 0.00
CVE-2017-7298 MEDIUM
Moodle >=3.2 - Cross-Site Scripting via Course Summary Filter SVG Attribute
Mar 29, 2017
CVSS 5.4
EPSS 0.00
CVE-2017-2645 MEDIUM
Moodle 3.x < 3.1.5 - Cross-Site Scripting via Evidence of Prior Learning Attachments
Mar 26, 2017
CVSS 6.1
EPSS 0.00
CVE-2017-2644 MEDIUM
Moodle 3.x - Cross-Site Scripting via Evidence of Prior Learning
Mar 26, 2017
CVSS 6.1
EPSS 0.00
CVE-2017-2643 MEDIUM
Moodle 3.2.x - Unauthenticated Exposure of Sensitive Information via Global Search
Mar 26, 2017
CVSS 5.3
EPSS 0.01
CVE-2017-2641 CRITICAL
Moodle 2.x-3.x - SQL Injection via User Preferences
Mar 26, 2017
CVSS 9.8
EPSS 0.02
CVE-2017-2578 MEDIUM
Moodle 3.x < 3.1.4 - Cross-Site Scripting in Assignment Submission Page
Jan 20, 2017
CVSS 6.1
EPSS 0.00
CVE-2017-2576 MEDIUM
Moodle < 2.7.17 and 2.7-2.7.18 - Improper Input Validation in Forum Attributes
Jan 20, 2017
CVSS 5.3
EPSS 0.00
CVE-2016-3734 HIGH
Moodle <3.0.3-<2.9.5-<2.8.11-<2.7.13 - CSRF
Apr 20, 2017
CVSS 8.8
EPSS 0.00
CVE-2016-3733 MEDIUM
Moodle <3.0.3-<2.8.11 - Privilege Escalation
Apr 20, 2017
CVSS 4.3
EPSS 0.00
CVE-2016-3732 MEDIUM
Moodle <3.0.3, <2.9.5, <2.8.11, <2.7.13 - Info Disclosure
Apr 20, 2017
CVSS 4.3
EPSS 0.00
CVE-2016-3731 MEDIUM
Moodle <3.0.3, <2.9.5, <2.8.11 - Info Disclosure
Apr 20, 2017
CVSS 5.3
EPSS 0.00
CVE-2016-3729 MEDIUM
Moodle <3.0.3, <2.9.5, <2.8.11, <2.7.13 - Privilege Escalation
Apr 20, 2017
CVSS 6.5
EPSS 0.00
CVE-2016-8644 MEDIUM
Moodle 2.x and 3.x - Incorrect Access Control for Course Notes
Jan 20, 2017
CVSS 5.3
EPSS 0.00
CVE-2016-8643 MEDIUM
Moodle < 2.7.16 - Improper Access Control via Web Services
Jan 20, 2017
CVSS 4.3
EPSS 0.00
CVE-2016-8642 MEDIUM
Moodle < 2.7.16 and 3.1.0-3.1.3 - Improper Access Control in Question Engine
Jan 20, 2017
CVSS 5.3
EPSS 0.00
CVE-2016-7038 HIGH
Moodle 2.x and 3.x - Weak Password Recovery Mechanism
Jan 20, 2017
CVSS 7.3
EPSS 0.00
Products
moodle 624 Jmol Plugin 2 Moodle LMS 1 saml_authentication 1 virtual_programming_lab 1
Quick Filters
Critical CVEs With Exploits In CISA KEV