5 matches found
Moodle 4.4.x < 4.4.8 Multiple Vulnerabilities
According to its self-reported version, the Moodle install hosted on the remote host is 4.1.x prior to 4.1.18 or 4.3.x prior to 4.3.12 or 4.4.x prior to 4.4.8 or 4.5.x prior to 4.5.4. It is, therefore, affected by multiple vulnerabilities : - Additional checks were required to ensure users can on...
Moodle 4.3.x < 4.3.10 Multiple Vulnerabilities
According to its self-reported version, the Moodle install hosted on the remote host is prior to 4.1.16 or 4.3.x prior to 4.3.10 or 4.4.x prior to 4.4.6 or 4.5.x prior to 4.5.2. It is, therefore, affected by multiple vulnerabilities. - An SQL injection risk was identified in the module list filte...
CVE-2025-26530
CVE-2025-26530 concerns Moodle where the question bank filter allowed a reflected XSS risk due to insufficient sanitization. The connected documents corroborate a reflected XSS in Moodle’s question bank filter, without detailing affected versions or patches in the provided sources. The CVE descri...
CVE-2020-25628
The filter in the tag manager required extra sanitizing to prevent a reflected XSS risk. This affects 3.9 to 3.9.1, 3.8 to 3.8.4, 3.7 to 3.7.7, 3.5 to 3.5.13 and earlier unsupported versions. Fixed in 3.9.2, 3.8.5, 3.7.8 and 3.5.14...
MGASA-2016-0122 Updated moodle packages fix security vulnerability
In Moodle before 2.8.11, teachers who otherwise were not supposed to see students' emails could see them in the participants list CVE-2016-2151. In Moodle before 2.8.11, Moodle traditionally trusted content from external DB, however it was decided that external datasources may not be aware of web...