5 matches found
Moodle 3.9.x < 3.9.10 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.10, 3.10.x prior to 3.10.7 or 3.11.x prior to 3.11.3. It is, therefore, affected by multiple vulnerabilities: - A session hijack vulnerability was identified in the Shibboleth authentication plugin, when enabled...
Moodle 3.10.x < 3.10.7 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.10, 3.10.x prior to 3.10.7 or 3.11.x prior to 3.11.3. It is, therefore, affected by multiple vulnerabilities: - A session hijack vulnerability was identified in the Shibboleth authentication plugin, when enabled...
Moodle 3.11.x < 3.11.3 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.10, 3.10.x prior to 3.10.7 or 3.11.x prior to 3.11.3. It is, therefore, affected by multiple vulnerabilities: - A session hijack vulnerability was identified in the Shibboleth authentication plugin, when enabled...
CVE-2021-40693
An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability...
CVE-2021-40693
CVE-2021-40693 describes an authentication bypass risk in the Moodle external database authentication functionality caused by a type juggling vulnerability. Connected sources reference this CVE across multiple advisories (GitHub GHSA-2JXG-MV2M-J4R7, OSV, and Nessus/NVD context) and reiterate the ...