Linux Distros Unpatched Vulnerability : CVE-2017-12156

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moodle 3.x has XSS in the contact form on the non-respondents page in non-anonymous feedback. CVE-2017-12156 Note that Nessus relies on the presence of the...

Linux Distros Unpatched Vulnerability : CVE-2018-1134

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Moodle 3.x. Students who submitted assignments and exported them to portfolios can download any stored Moodle file by changing the...

SUSE CVE-2017-7532

In Moodle 3.x, course creators are able to change system default settings for courses...

SUSE CVE-2018-1042

Moodle 3.x has Server Side Request Forgery in the filepicker...

UBUNTU-CVE-2020-1691

In Moodle 3.8, messages required extra sanitizing before updating the conversation overview, to prevent the risk of stored cross-site scripting...

UBUNTU-CVE-2021-32473

It was possible for a student to view their quiz grade before it had been released, using a quiz web service. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected...

UBUNTU-CVE-2018-1045

In Moodle 3.x, there is XSS via a calendar event name...