8 matches found
EUVD-2020-12586
Malware in sbrugna...
BIT-MOODLE-2025-26530 Reflected XSS via question bank filter
The question bank filter required additional sanitizing to prevent a reflected XSS risk...
GHSA-H697-W4PH-7PCX Moodle has a stored XSS in ddimageortext question type
The drag-and-drop onto image ddimageortext question type required additional sanitizing to prevent a stored XSS risk...
PT-2024-8616 · Moodle +2 · Moodle +2
Name of the Vulnerable Software and Affected Versions: Moodle versions affected versions not specified Description: A SQL injection risk flaw was found in the XMLDB editor tool available to site administrators. This issue is related to the lack of protection against SQL query structure...
CVE-2023-28330 Moodle: authenticated arbitrary file read through malformed backup file
Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and admins by default...
CVE-2021-36402
In Moodle, Users' names required additional sanitizing in the account confirmation email, to prevent a self-registration phishing risk...
CVE-2021-36393
In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses...
CVE-2021-36392
In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses...