5 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-35131
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Content on the groups page required additional sanitizing to prevent an XSS risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8 and 3.11 to...
PT-2023-25156 · Moodle +2 · Moodle +2
Name of the Vulnerable Software and Affected Versions: Moodle versions 3.11 to 3.11.14 Moodle versions 4.0 to 4.0.8 Moodle versions 4.1 to 4.1.3 Moodle version 4.2 Description: The issue is related to insufficient sanitizing of user-provided data on the groups page, which poses an XSS risk. This...
Moodle 4.0.x < 4.0.5 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.18, 3.11.x prior to 3.11.11 or 4.0.x prior to 4.0.5. It is, therefore, affected by multiple vulnerabilities: - An information disclosure due to a user CSRF token being unnecessarily included in the URL during the redirection...
Moodle 3.11.x < 3.11.5 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.12, 3.10.x prior to 3.10.9 or 3.11.x prior to 3.11.5. It is, therefore, affected by multiple vulnerabilities: - An SQL injection vulnerability in the h5p activity web service responsible for fetching user attempt data...
Moodle 跨站脚本漏洞
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. A cross-site scripting vulnerability exists in Moodle that stems from not adequately handling user-supplied data passed to the web...