3 matches found
CVE-2021-36402
In Moodle, Users' names required additional sanitizing in the account confirmation email, to prevent a self-registration phishing risk...
CVE-2021-36402
Technical details (affected Moodle versions, remediation, exploitability) are not provided in the connected documents. Monitor for updates from official advisories; current entries reiterate a sanitization risk in Moodle account confirmation emails without further specifics.
Moodle 3.10.x < 3.10.5 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.8, 3.10.x prior to 3.10.5 or 3.11.x prior to 3.11.1. It is, therefore, affected by multiple vulnerabilities: - An SQL injection in the library fetching a user's enrolled courses. CVE-2021-36392 - An SQL injection in the...