Vulnerabilities > Moodle > Moodle > 3.2.2

DATE CVE VULNERABILITY TITLE RISK
2018-05-25 CVE-2018-1136 Cross-site Scripting vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-79
4.0
4.0
2018-05-25 CVE-2018-1135 Information Exposure vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-200
4.0
4.0
2018-05-25 CVE-2018-1134 Improper Privilege Management vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-269
4.0
4.0
2018-05-25 CVE-2018-1133 Code Injection vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-94
6.5
6.5
2018-04-04 CVE-2018-1081 Unspecified vulnerability in Moodle
A flaw was found in Moodle 3.4 to 3.4.1, 3.3 to 3.3.4, 3.2 to 3.2.7, 3.1 to 3.1.10 and earlier unsupported versions.
network
low complexity
moodle
5.0
5.0
2018-01-22 CVE-2018-1045 Cross-site Scripting vulnerability in Moodle
In Moodle 3.x, there is XSS via a calendar event name.
network
moodle CWE-79
3.5
3.5
2018-01-22 CVE-2018-1044 Information Exposure vulnerability in Moodle
In Moodle 3.x, quiz web services allow students to see quiz results when it is prohibited in the settings.
network
low complexity
moodle CWE-200
4.0
4.0
2018-01-22 CVE-2018-1043 Unspecified vulnerability in Moodle
In Moodle 3.x, the setting for blocked hosts list can be bypassed with multiple A record hostnames.
network
low complexity
moodle
4.0
4.0
2018-01-22 CVE-2018-1042 Server-Side Request Forgery (SSRF) vulnerability in Moodle
Moodle 3.x has Server Side Request Forgery in the filepicker.
network
low complexity
moodle CWE-918
4.0
4.0
2017-11-20 CVE-2017-15110 Information Exposure vulnerability in Moodle
In Moodle 3.x, students can find out email addresses of other students in the same course.
network
low complexity
moodle CWE-200
4.0
4.0