2 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-1692
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moodle before version 3.7.2 is vulnerable to information exposure of service tokens for users enrolled in the same course. CVE-2020-1692 Note that Nessus relies...
CVE-2019-18210
Persistent XSS in /course/modedit.php of Moodle through 3.7.2 allows authenticated users Teacher and above to inject JavaScript into the session of another user e.g., enrolled student or site administrator via the introeditortext parameter. NOTE: the discoverer and vendor disagree on whether Mood...