Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2022-2986

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Enabling and disabling installed H5P libraries did not include the necessary token to prevent a CSRF risk. CVE-2022-2986 Note that Nessus relies on the presence...

8.8CVSS6.2AI score0.00386EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/02/20 12:0 a.m.34 views

Moodle 3.11.x < 3.11.9 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.16, 3.11.x prior to 3.11.9 or 4.0.x prior to 4.0.3. It is, therefore, affected by multiple vulnerabilities: - A vulnerable version of the Mustache template library included in Moodle. CVE-2022-0323 - A Cross-Site Request...

8.8CVSS8.9AI score0.00691EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/02/20 12:0 a.m.35 views

Moodle 4.0.x < 4.0.3 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.16, 3.11.x prior to 3.11.9 or 4.0.x prior to 4.0.3. It is, therefore, affected by multiple vulnerabilities: - A vulnerable version of the Mustache template library included in Moodle. CVE-2022-0323 - A Cross-Site Request...

8.8CVSS8.9AI score0.00691EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2022/10/06 6:16 p.m.2 views

CVE-2022-2986

Enabling and disabling installed H5P libraries did not include the necessary token to prevent a CSRF risk...

8.8CVSS5.9AI score0.00386EPSS
Exploits0References4
NVD
NVD
added 2022/10/06 6:16 p.m.24 views

CVE-2022-2986

Enabling and disabling installed H5P libraries did not include the necessary token to prevent a CSRF risk...

8.8CVSS0.00386EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/10/06 12:0 a.m.28 views

CVE-2022-2986

Enabling and disabling installed H5P libraries did not include the necessary token to prevent a CSRF risk...

8.9AI score0.00386EPSS
Exploits0References2
CVE
CVE
added 2022/10/06 12:0 a.m.71 views

CVE-2022-2986

CVE-2022-2986 relates to a CSRF flaw in Moodle where enabling/disabling H5P libraries did not require a CSRF token, exposing high impact risk (CVSS v3.1: 8.8). The connected documents tie this to Moodle/H5P integration and note CSRF involvement across several advisories. No explicit product versi...

8.8CVSS8.5AI score0.00386EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder