Vulnerabilities > Moodle > Moodle > 1.9.19
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-01-25 | CVE-2022-0334 | Exposure of Resource to Wrong Sphere vulnerability in Moodle A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. | 4.3 |
2022-01-25 | CVE-2022-0335 | Cross-Site Request Forgery (CSRF) vulnerability in Moodle A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. | 8.8 |
2021-11-22 | CVE-2021-43558 | Cross-site Scripting vulnerability in multiple products A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. | 6.1 |
2021-11-22 | CVE-2021-43559 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. | 8.8 |
2021-11-22 | CVE-2021-43560 | Exposure of Resource to Wrong Sphere vulnerability in multiple products A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. | 5.3 |
2021-01-28 | CVE-2021-20187 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Moodle It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication. | 7.2 |
2020-02-17 | CVE-2020-1692 | Unspecified vulnerability in Moodle Moodle before version 3.7.2 is vulnerable to information exposure of service tokens for users enrolled in the same course. | 6.5 |
2019-07-31 | CVE-2019-10186 | Cross-Site Request Forgery (CSRF) vulnerability in Moodle A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. | 8.8 |
2019-03-27 | CVE-2019-3847 | Cross-site Scripting vulnerability in Moodle A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. | 4.8 |
2019-03-26 | CVE-2019-3848 | Incorrect Authorization vulnerability in Moodle A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. | 4.3 |