Search CVE reports


111 – 120 of 659 results


CVE-2023-5545

Medium priority
Needs evaluation

H5P metadata automatically populated the author with the user's username, which could be sensitive information.

1 affected package

moodle

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moodle Not in release Not in release Not in release Needs evaluation

CVE-2023-5544

Medium priority
Needs evaluation

Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk.

1 affected package

moodle

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moodle Not in release Not in release Not in release Needs evaluation

CVE-2023-5542

Medium priority
Ignored

Students in "Only see own membership" groups could see other students in the group, which should be hidden.

1 affected package

moodle

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moodle Not in release Not in release Not in release Not in release Ignored

CVE-2023-5541

Medium priority
Ignored

The CSV grade import method contained an XSS risk for users importing the spreadsheet, if it contained unsafe content.

1 affected package

moodle

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moodle Not in release Not in release Not in release Not in release Ignored

CVE-2023-5540

Medium priority
Ignored

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers.

1 affected package

moodle

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moodle Not in release Not in release Not in release Not in release Ignored

CVE-2023-5539

Medium priority
Needs evaluation

A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers.

1 affected package

moodle

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moodle Not in release Not in release Not in release Needs evaluation

CVE-2023-46858

Medium priority
Not affected

Moodle 4.3 allows /grade/report/grader/index.php?searchvalue= reflected XSS when logged in as a teacher. NOTE: the Moodle Security FAQ link states "Some forms of rich content [are] used by teachers to enhance their courses ......

1 affected package

moodle

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moodle Not in release Not in release Not in release Not affected

CVE-2023-40325

Medium priority
Needs evaluation

[Unknown description]

1 affected package

moodle

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moodle Not in release Not in release Not in release Needs evaluation

CVE-2023-40324

Medium priority
Needs evaluation

[Unknown description]

1 affected package

moodle

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moodle Not in release Not in release Not in release Needs evaluation

CVE-2023-40323

Medium priority
Ignored

[Unknown description]

1 affected package

moodle

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
moodle Not in release Not in release Not in release Not in release Ignored