Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2023/02/20 12:0 a.m.42 views

Moodle 3.11.x < 3.11.11 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.18, 3.11.x prior to 3.11.11 or 4.0.x prior to 4.0.5. It is, therefore, affected by multiple vulnerabilities: - An information disclosure due to a user CSRF token being unnecessarily included in the URL during the redirection...

9.1CVSS6.2AI score0.01352EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2022/12/23 12:0 a.m.38 views

Fedora 36 : moodle (2022-f7fdcb1820)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-f7fdcb1820 advisory. Fixes for multiple CVEs Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

9.1CVSS6.8AI score0.02587EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2022/12/07 12:0 a.m.23 views

Fedora: Security Advisory for moodle (FEDORA-2022-f7fdcb1820)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.1CVSS6.3AI score0.02587EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/12/07 12:0 a.m.21 views

Fedora: Security Advisory for moodle (FEDORA-2022-cb7084ae1c)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.1CVSS6.3AI score0.02587EPSS
Exploits1References2
CVE
CVE
added 2022/11/23 12:0 a.m.94 views

CVE-2022-45150

CVE-2022-45150 is a Moodle vulnerability described in connected records as a reflected cross-site scripting (XSS) flaw. The root cause is insufficient sanitization of user-supplied data in the policy tool, allowing an attacker to lure a victim into opening a crafted link that executes arbitrary H...

6.1CVSS7AI score0.00671EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder