Filtered by vendor Moodle
Subscriptions
Total
550 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-43439 | 1 Moodle | 1 Moodle | 2024-11-12 | 5.4 Medium |
A flaw was found in moodle. H5P error messages require additional sanitizing to prevent a reflected cross-site scripting (XSS) risk. | ||||
CVE-2024-43435 | 1 Moodle | 1 Moodle | 2024-11-12 | 5.3 Medium |
A flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary. | ||||
CVE-2024-43433 | 1 Moodle | 1 Moodle | 2024-11-12 | 5.3 Medium |
A flaw was found in moodle. Matrix room membership and power levels are incorrectly applied and revoked for suspended Moodle users. | ||||
CVE-2024-43430 | 1 Moodle | 1 Moodle | 2024-11-12 | 5.3 Medium |
A flaw was found in moodle. External API access to Quiz can override contained insufficient access control. | ||||
CVE-2024-43438 | 1 Moodle | 1 Moodle | 2024-11-08 | 7.5 High |
A flaw was found in Feedback. Bulk messaging in the activity's non-respondents report did not verify message recipients belonging to the set of users returned by the report. | ||||
CVE-2024-43431 | 1 Moodle | 1 Moodle | 2024-11-08 | 7.5 High |
A vulnerability was found in Moodle. Insufficient capability checks made it possible to delete badges that a user does not have permission to access. | ||||
CVE-2024-43436 | 1 Moodle | 1 Moodle | 2024-11-08 | 7.2 High |
A SQL injection risk flaw was found in the XMLDB editor tool available to site administrators. | ||||
CVE-2024-43434 | 1 Moodle | 1 Moodle | 2024-11-08 | 8.1 High |
The bulk message sending feature in Moodle's Feedback module's non-respondents report had an incorrect CSRF token check, leading to a CSRF vulnerability. | ||||
CVE-2024-43440 | 1 Moodle | 1 Moodle | 2024-11-08 | 7.5 High |
A flaw was found in moodle. A local file may include risks when restoring block backups. | ||||
CVE-2024-43425 | 1 Moodle | 1 Moodle | 2024-11-08 | 8.1 High |
A flaw was found in Moodle. Additional restrictions are required to avoid a remote code execution risk in calculated question types. Note: This requires the capability to add/update questions. |