Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2014-0483)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.02427EPSS
Exploits0References19
NVD
NVD
added 2014/11/24 11:59 a.m.24 views

CVE-2014-7832

mod/lti/launch.php in the LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 performs access control at the course level rather than at the activity level, which allows remote authenticated users to bypass the mod/lti:view capability requirement by...

4CVSS6.1AI score0.01712EPSS
Exploits0References4
CVE
CVE
added 2014/11/24 11:0 a.m.60 views

CVE-2014-7832

The CVE-2014-7832 entry concerns Moodle's LTI module (mod/lti/launch.php). The vulnerability arises due to access control being enforced at the course level rather than the activity level, enabling remote authenticated users to bypass the mod/lti:view capability by viewing an activity instance. A...

4CVSS6.2AI score0.01712EPSS
Exploits0References4Affected Software1
Mageia
Mageia
added 2014/11/22 10:54 a.m.70 views

Updated moodle package fixes security vulnerabilities

In Moodle before 2.6.5, without forcing encoding, it was possible that UTF7 characters could be used to force cross-site scripts to AJAX scripts although this is unlikely on modern browsers and on most Moodle pages MSA-14-0035. In Moodle before 2.6.5, an XSS issue through $searchcourse in...

7.5CVSS6.5AI score0.02427EPSS
Exploits0References17
Rows per page
Query Builder