10 matches found
Moodle sends quiz-related messages to inactive/suspended users
Moodle failed to verify enrolment status correctly when sending quiz notifications. As a result, suspended or inactive users might receive quiz-related messages, leaking limited course information...
EUVD-2025-35672
Moodle failed to verify enrolment status correctly when sending quiz notifications. As a result, suspended or inactive users might receive quiz-related messages, leaking limited course information...
EUVD-2010-2245
Malware in sbrugna...
EUVD-2022-2088
Malicious code in bioql PyPI...
EUVD-2023-0921
Malicious code in bioql PyPI...
CVE-2021-32475
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected...
CVE-2022-40208
In Moodle, insufficient limitations in some quiz web services made it possible for students to bypass sequential navigation during a quiz attempt...
CVE-2010-2231
Cross-site request forgery CSRF vulnerability in report/overview/report.php in the quiz module in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to hijack the authentication of arbitrary users for requests that delete quiz attempts via the attemptid parameter...
CVE-2010-2231
Cross-site request forgery CSRF vulnerability in report/overview/report.php in the quiz module in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to hijack the authentication of arbitrary users for requests that delete quiz attempts via the attemptid parameter...
CVE-2010-2231
Moodle vulnerability CVE-2010-2231 is a CSRF in the quiz module (report/overview/report.php). Affects Moodle versions before 1.8.13 and 1.9.x before 1.9.9. The flaw allows remote attackers to hijack the authentication of arbitrary users to issue requests that delete quiz attempts via the attempti...