Vulnerabilities > Moodle > Moodle > 3.2.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-02-11 | CVE-2019-18210 | Cross-site Scripting vulnerability in Moodle Persistent XSS in /course/modedit.php of Moodle through 3.7.2 allows authenticated users (Teacher and above) to inject JavaScript into the session of another user (e.g., enrolled student or site administrator) via the introeditor[text] parameter. | 3.5 |
2019-07-31 | CVE-2019-10189 | Improper Access Control vulnerability in Moodle A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. | 4.0 |
2019-07-31 | CVE-2019-10188 | Improper Access Control vulnerability in Moodle A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. | 4.0 |
2019-07-31 | CVE-2019-10187 | Improper Access Control vulnerability in Moodle A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. | 4.0 |
2019-07-31 | CVE-2019-10186 | Cross-Site Request Forgery (CSRF) vulnerability in Moodle A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. | 8.8 |
2019-06-26 | CVE-2019-10154 | Improper Access Control vulnerability in Moodle A flaw was found in Moodle before versions 3.7, 3.6.4. | 5.0 |
2019-03-26 | CVE-2019-3852 | Unspecified vulnerability in Moodle A vulnerability was found in moodle before version 3.6.3. | 4.0 |
2019-03-26 | CVE-2019-3849 | Improper Privilege Management vulnerability in Moodle A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. | 6.5 |
2019-03-26 | CVE-2019-3848 | Incorrect Authorization vulnerability in Moodle A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. | 4.3 |
2018-05-25 | CVE-2018-1137 | Improper Input Validation vulnerability in Moodle An issue was discovered in Moodle 3.x. | 5.5 |