Vulnerabilities > Moodle > Moodle > 3.2.0

DATE CVE VULNERABILITY TITLE RISK
2017-03-26 CVE-2017-2641 SQL Injection vulnerability in Moodle
In Moodle 2.x and 3.x, SQL injection can occur via user preferences.
network
low complexity
moodle CWE-89
7.5
7.5
2017-01-20 CVE-2017-2578 Cross-site Scripting vulnerability in Moodle
In Moodle 3.x, there is XSS in the assignment submission page.
network
moodle CWE-79
4.3
4.3
2017-01-20 CVE-2017-2576 Improper Input Validation vulnerability in Moodle
In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums.
network
low complexity
moodle CWE-20
5.0
5.0