5 matches found
Moodle CMS 3.6.x < 3.6.2, 3.5.x < 3.5.4, 3.4.x < 3.4.7 and < 3.1.15 Multiple Vulnerabilities
Moodle CMS is prone to multiple vulnerabilities. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundatio...
CVE-2019-3808
A flaw was found in Moodle versions 3.6 to 3.6.1, 3.5 to 3.5.3, 3.4 to 3.4.6, 3.1 to 3.1.15 and earlier unsupported versions. The 'manage groups' capability did not have the 'XSS risk' flag assigned to it, but does have that access in certain places. Note that the capability is intended for use b...
CVE-2019-3808
CVE-2019-3808 affects Moodle versions 3.6–3.6.1, 3.5–3.5.3, 3.4–3.4.6, 3.1–3.1.15 and older unsupported releases. The issue is that the 'manage groups' capability did not have the 'XSS risk' flag assigned, yet is accessible in certain areas to trusted users (teachers and managers by default). The...
Fedora 28 : moodle (2019-077cd6f168)
Multiple CVE fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security, In...
Fedora 29 : moodle (2019-d8ec88b21e)
Multiple CVE fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security, In...