Vulnerabilities > Moodle > Moodle > 3.11.1

DATE CVE VULNERABILITY TITLE RISK
2024-11-18 CVE-2024-48896 Information Exposure Through an Error Message vulnerability in Moodle
A vulnerability was found in Moodle.
network
low complexity
moodle CWE-209
4.3
4.3
2024-11-18 CVE-2024-48897 Incorrect Authorization vulnerability in Moodle
A vulnerability was found in Moodle.
network
low complexity
moodle CWE-863
4.3
4.3
2024-11-18 CVE-2024-48898 Missing Authorization vulnerability in Moodle
A vulnerability was found in Moodle.
network
low complexity
moodle CWE-862
4.3
4.3
2024-11-18 CVE-2024-48901 Incorrect Authorization vulnerability in Moodle
A vulnerability was found in Moodle.
network
low complexity
moodle CWE-863
4.3
4.3
2024-06-18 CVE-2024-38276 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
Incorrect CSRF token checks resulted in multiple CSRF risks.
network
low complexity
fedoraproject moodle CWE-352
8.8
8.8
2024-02-12 CVE-2024-1439 Unspecified vulnerability in Moodle
Inadequate access control in Moodle LMS.
local
low complexity
moodle
3.3
3.3
2023-11-09 CVE-2023-5539 Code Injection vulnerability in multiple products
A remote code execution risk was identified in the Lesson activity.
network
low complexity
moodle fedoraproject CWE-94
8.8
8.8
2023-11-09 CVE-2023-5540 Code Injection vulnerability in multiple products
A remote code execution risk was identified in the IMSCP activity.
network
low complexity
moodle fedoraproject CWE-94
8.8
8.8
2023-11-09 CVE-2023-5541 Cross-site Scripting vulnerability in Moodle
The CSV grade import method contained an XSS risk for users importing the spreadsheet, if it contained unsafe content.
network
low complexity
moodle CWE-79
6.1
6.1
2023-11-09 CVE-2023-5544 Authorization Bypass Through User-Controlled Key vulnerability in multiple products
Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk.
network
low complexity
moodle redhat fedoraproject CWE-639
5.4
5.4