Moodle before version 3.7.2 is vulnerable to information exposure of service tokens for users enrolled in the same...
8.1CVSS
6.2AI Score
0.001EPSS
A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. A sesskey (CSRF) token was not being utilised by the XML loading/unloading admin...
8.8CVSS
8.6AI Score
0.004EPSS
A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in a quiz group could modify group overrides for other groups in the same...
4.3CVSS
4.7AI Score
0.001EPSS
A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same...
A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Users with permission to delete entries from a glossary were able to delete entries from other glossaries they did not have direct access...
4.3CVSS
4.6AI Score
0.001EPSS