7 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-2986
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Enabling and disabling installed H5P libraries did not include the necessary token to prevent a CSRF risk. CVE-2022-2986 Note that Nessus relies on the presence...
Moodle 3.11.x < 3.11.9 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.16, 3.11.x prior to 3.11.9 or 4.0.x prior to 4.0.3. It is, therefore, affected by multiple vulnerabilities: - A vulnerable version of the Mustache template library included in Moodle. CVE-2022-0323 - A Cross-Site Request...
Moodle 4.0.x < 4.0.3 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.16, 3.11.x prior to 3.11.9 or 4.0.x prior to 4.0.3. It is, therefore, affected by multiple vulnerabilities: - A vulnerable version of the Mustache template library included in Moodle. CVE-2022-0323 - A Cross-Site Request...
CVE-2022-2986
Enabling and disabling installed H5P libraries did not include the necessary token to prevent a CSRF risk...
CVE-2022-2986
Enabling and disabling installed H5P libraries did not include the necessary token to prevent a CSRF risk...
CVE-2022-2986
Enabling and disabling installed H5P libraries did not include the necessary token to prevent a CSRF risk...
CVE-2022-2986
CVE-2022-2986 relates to a CSRF flaw in Moodle where enabling/disabling H5P libraries did not require a CSRF token, exposing high impact risk (CVSS v3.1: 8.8). The connected documents tie this to Moodle/H5P integration and note CSRF involvement across several advisories. No explicit product versi...