Vulnerabilities > Moodle

DATE CVE VULNERABILITY TITLE RISK
2024-11-18 CVE-2024-48896 Information Exposure Through an Error Message vulnerability in Moodle
A vulnerability was found in Moodle.
network
low complexity
moodle CWE-209
4.3
4.3
2024-11-18 CVE-2024-48897 Incorrect Authorization vulnerability in Moodle
A vulnerability was found in Moodle.
network
low complexity
moodle CWE-863
4.3
4.3
2024-11-18 CVE-2024-48898 Missing Authorization vulnerability in Moodle
A vulnerability was found in Moodle.
network
low complexity
moodle CWE-862
4.3
4.3
2024-11-18 CVE-2024-48901 Incorrect Authorization vulnerability in Moodle
A vulnerability was found in Moodle.
network
low complexity
moodle CWE-863
4.3
4.3
2024-11-11 CVE-2024-43439 Unspecified vulnerability in Moodle
A flaw was found in moodle.
network
low complexity
moodle
6.1
6.1
2024-11-11 CVE-2024-43437 Unspecified vulnerability in Moodle
A flaw was found in moodle.
network
low complexity
moodle
6.1
6.1
2024-06-24 CVE-2024-34312 Cross-site Scripting vulnerability in Moodle Virtual Programming LAB
Virtual Programming Lab for Moodle up to v4.2.3 was discovered to contain a cross-site scripting (XSS) vulnerability via the component vplide.js.
network
low complexity
moodle CWE-79
6.1
6.1
2024-06-18 CVE-2024-38276 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
Incorrect CSRF token checks resulted in multiple CSRF risks.
network
low complexity
fedoraproject moodle CWE-352
8.8
8.8
2024-05-31 CVE-2024-34008 Cross-Site Request Forgery (CSRF) vulnerability in Moodle
Actions in the admin management of analytics models did not include the necessary token to prevent a CSRF risk.
network
low complexity
moodle CWE-352
8.8
8.8
2024-02-19 CVE-2024-25978 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality.
network
low complexity
moodle fedoraproject CWE-770
7.5
7.5