Vulnerabilities > Moodle > Moodle > 2.5.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-11 | CVE-2019-18210 | Cross-site Scripting vulnerability in Moodle Persistent XSS in /course/modedit.php of Moodle through 3.7.2 allows authenticated users (Teacher and above) to inject JavaScript into the session of another user (e.g., enrolled student or site administrator) via the introeditor[text] parameter. | 3.5 |
| 2019-07-31 | CVE-2019-10189 | Improper Access Control vulnerability in Moodle A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. | 4.0 |
| 2019-07-31 | CVE-2019-10188 | Improper Access Control vulnerability in Moodle A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. | 4.0 |
| 2019-07-31 | CVE-2019-10187 | Improper Access Control vulnerability in Moodle A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. | 4.0 |
| 2019-07-31 | CVE-2019-10186 | Cross-Site Request Forgery (CSRF) vulnerability in Moodle A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. | 8.8 |
| 2019-06-26 | CVE-2019-10154 | Improper Access Control vulnerability in Moodle A flaw was found in Moodle before versions 3.7, 3.6.4. | 5.0 |
| 2019-03-27 | CVE-2019-3847 | Cross-site Scripting vulnerability in Moodle A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. | 4.8 |
| 2019-03-26 | CVE-2019-3852 | Unspecified vulnerability in Moodle A vulnerability was found in moodle before version 3.6.3. | 4.0 |
| 2019-03-26 | CVE-2019-3850 | Open Redirect vulnerability in Moodle A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. | 5.8 |
| 2019-03-26 | CVE-2019-3849 | Improper Privilege Management vulnerability in Moodle A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. | 6.5 |