Moodle 3.9.x < 3.9.7 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.5.x prior to 3.5.18, 3.8.x prior to 3.8.9, 3.9.x prior to 3.9.7 or 3.10.x prior to 3.10.4. It is, therefore, affected by multiple vulnerabilities:

• An authorization issue allowing teachers to export a CSV file containing forums from all courses. (CVE-2021-32472)

• An information disclosure allowing students to see their quiz grade through the quiz web service before its release. (CVE-2021-32473)

• An SQL injection on MNet enabled sites via an XML RPC call from the connected peer host for site administrators or users having access to the keypair. (CVE-2021-32474)

• A stored Cross-Site Scripting vulnerability through the ID number displayed in the quiz grading report. (CVE-2021-32475)

• A Denial of Service (DoS) due to user file upload limits not being enforced in the draft files area. (CVE-2021-32476)

• An information disclosure exposing the last time a user accessed the mobile page on its profile page. (CVE-2021-32477)

• A Cross-Site Scripting (XSS) and open redirect lnerability through the redirect URI of the the LTI authorization endpoint. (CVE-2021-32478)

• A vulnerable H5P PHP version 1.24 embedded library.

Note that the scanner has not attempted to exploit this issue but has instead relied only on application’s self-reported version number.