5 matches found
Moodle 3.11.x < 3.11.11 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.18, 3.11.x prior to 3.11.11 or 4.0.x prior to 4.0.5. It is, therefore, affected by multiple vulnerabilities: - An information disclosure due to a user CSRF token being unnecessarily included in the URL during the redirection...
Fedora 36 : moodle (2022-f7fdcb1820)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-f7fdcb1820 advisory. Fixes for multiple CVEs Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Fedora: Security Advisory for moodle (FEDORA-2022-f7fdcb1820)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for moodle (FEDORA-2022-cb7084ae1c)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2022-45152
CVE-2022-45152 corresponds to a blind Server-Side Request Forgery (SSRF) in Moodle. The issue arises from insufficient validation of user-supplied input in the LTI provider library, which does not use Moodle’s inbuilt cURL helper, enabling an attacker to craft requests that force the application ...