50 matches found
GHSA-CG8J-5CR2-568Q Moodle TeX formula editor is vulnerable to DoS through lack of execution time limits
A Denial of Service vulnerability was identified in Moodle’s TeX formula editor. When rendering TeX content using mimetex, insufficient execution time limits could allow specially crafted formulas to consume excessive server resources. An authenticated user could abuse this behavior to degrade...
CVE-2026-26047 Moodle: moodle: uncontrolled resource consumption in tex formula editor leading to denial of service
A denial-of-service vulnerability was identified in Moodle’s TeX formula editor. When rendering TeX content using mimetex, insufficient execution time limits could allow specially crafted formulas to consume excessive server resources. An authenticated user could abuse this behavior to degrade...
CVE-2026-26047 Moodle: moodle: uncontrolled resource consumption in tex formula editor leading to denial of service
A denial-of-service vulnerability was identified in Moodle’s TeX formula editor. When rendering TeX content using mimetex, insufficient execution time limits could allow specially crafted formulas to consume excessive server resources. An authenticated user could abuse this behavior to degrade...
CVE-2026-26047
Moodle TeX formula editor is affected by a DoS in the TeX rendering path using mimetex. The vulnerability stems from insufficient execution time limits, allowing an authenticated user to craft formulas that consume excessive server resources and potentially degrade performance or cause service in...
Moodle 安全漏洞
Moodle is an open-source e-learning software platform developed by Moodle, also known as a course management system, learning management system, or virtual learning environment. There are security vulnerabilities in Moodle; these vulnerabilities stem from insufficient time limits for the TeX...
BIT-MOODLE-2025-67850 Moodle: moodle: cross-site scripting vulnerability via inadequate input filtering in formula editor
A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting XSS, occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject malicious code into these fields. When other users view these expressions...
Linux Distros Unpatched Vulnerability : CVE-2025-67850
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting XSS, occurs due to insufficient checks on user-provided data in the formula editor...
GHSA-6MMV-F6C6-V6Q8 Moodle vulnerable to Cross-site Scripting
A flaw was found in Moodle. This vulnerability, known as Cross-site Scripting XSS, occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject malicious code into these fields. When other users view these expressions...
Moodle vulnerable to Cross-site Scripting
A flaw was found in Moodle. This vulnerability, known as Cross-site Scripting XSS, occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject malicious code into these fields. When other users view these expressions...
Cross-site Scripting (XSS)
Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS via insufficient checks on user-provided data in the formula editor's arithmetic expression fields. An attacker can execute arbitrary scripts in the context of another user'...
CVE-2025-67850
A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting XSS, occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject malicious code into these fields. When other users view these expressions...
CVE-2025-67850
A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting XSS, occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject malicious code into these fields. When other users view these expressions...
CVE-2025-67850
A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting XSS, occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject malicious code into these fields. When other users view these expressions...
UBUNTU-CVE-2025-67850
A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting XSS, occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject malicious code into these fields. When other users view these expressions...
EUVD-2025-206736
A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting XSS, occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject malicious code into these fields. When other users view these expressions...
CVE-2025-67850
A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting XSS, occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject malicious code into these fields. When other users view these expressions...
CVE-2025-67850 Moodle: moodle: cross-site scripting vulnerability via inadequate input filtering in formula editor
A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting XSS, occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject malicious code into these fields. When other users view these expressions...
CVE-2025-67850 Moodle: moodle: cross-site scripting vulnerability via inadequate input filtering in formula editor
A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting XSS, occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject malicious code into these fields. When other users view these expressions...
CVE-2025-67850
CVE-2025-67850 – Moodle XSS via formula editor : Affected component is Moodle, where insufficient validation of user-provided data in the formula editor’s arithmetic expression fields allows a remote attacker to inject malicious code. When other users view these expressions, the script can execut...
Moodle 安全漏洞
Moodle is an open-source e-learning software platform developed by Moodle. It is also known as a course management system, learning management system, or virtual learning environment. There are security vulnerabilities in Moodle. These vulnerabilities stem from the insufficient data checking in t...