Vulnerabilities > Moodle > Moodle > 2.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-31 | CVE-2019-10187 | Missing Authorization vulnerability in Moodle A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. | 4.3 |
| 2019-07-31 | CVE-2019-10186 | Cross-Site Request Forgery (CSRF) vulnerability in Moodle A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. | 8.8 |
| 2019-06-26 | CVE-2019-10154 | Unspecified vulnerability in Moodle A flaw was found in Moodle before versions 3.7, 3.6.4. | 7.5 |
| 2019-03-27 | CVE-2019-3847 | Cross-site Scripting vulnerability in Moodle A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. | 4.8 |
| 2019-03-26 | CVE-2019-3852 | Unspecified vulnerability in Moodle A vulnerability was found in moodle before version 3.6.3. | 4.3 |
| 2019-03-26 | CVE-2019-3850 | Open Redirect vulnerability in Moodle A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. | 6.1 |
| 2019-03-26 | CVE-2019-3849 | Improper Privilege Management vulnerability in Moodle A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. | 8.8 |
| 2019-03-26 | CVE-2019-3848 | Incorrect Authorization vulnerability in Moodle A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. | 4.3 |
| 2018-11-26 | CVE-2018-16854 | Cross-Site Request Forgery (CSRF) vulnerability in Moodle A flaw was found in moodle versions 3.5 to 3.5.2, 3.4 to 3.4.5, 3.3 to 3.3.8, 3.1 to 3.1.14 and earlier. | 8.8 |
| 2018-09-17 | CVE-2018-14630 | Code Injection vulnerability in Moodle moodle before versions 3.5.2, 3.4.5, 3.3.8, 3.1.14 is vulnerable to an XML import of ddwtos could lead to intentional remote code execution. | 8.8 |