3 matches found
CVE-2021-36398
In moodle, ID numbers displayed in the web service token list required additional sanitizing to prevent a stored XSS risk...
Moodle 3.11.x < 3.11.1 Multiple XSS Vulnerabilities
Moodle is prone to multiple cross-site scripting XSS vulnerabilities. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Moodle 3.10.x < 3.10.5 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.8, 3.10.x prior to 3.10.5 or 3.11.x prior to 3.11.1. It is, therefore, affected by multiple vulnerabilities: - An SQL injection in the library fetching a user's enrolled courses. CVE-2021-36392 - An SQL injection in the...