Vulnerabilities > Moodle > Moodle > 3.4.4

DATE CVE VULNERABILITY TITLE RISK
2019-03-26 CVE-2019-3850 Open Redirect vulnerability in Moodle
A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17.
network
moodle CWE-601
5.8
5.8
2019-03-26 CVE-2019-3849 Improper Privilege Management vulnerability in Moodle
A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8.
network
low complexity
moodle CWE-269
6.5
6.5
2019-03-26 CVE-2019-3848 Incorrect Authorization vulnerability in Moodle
A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8.
network
low complexity
moodle CWE-863
4.3
4.3
2019-03-25 CVE-2019-3810 Cross-site Scripting vulnerability in Moodle
A flaw was found in moodle versions 3.6 to 3.6.1, 3.5 to 3.5.3, 3.4 to 3.4.6, 3.1 to 3.1.15 and earlier unsupported versions.
network
low complexity
moodle CWE-79
6.1
6.1
2019-03-25 CVE-2019-3808 Cross-site Scripting vulnerability in Moodle
A flaw was found in Moodle versions 3.6 to 3.6.1, 3.5 to 3.5.3, 3.4 to 3.4.6, 3.1 to 3.1.15 and earlier unsupported versions.
network
low complexity
moodle CWE-79
4.0
4.0
2018-11-26 CVE-2018-16854 Cross-Site Request Forgery (CSRF) vulnerability in Moodle
A flaw was found in moodle versions 3.5 to 3.5.2, 3.4 to 3.4.5, 3.3 to 3.3.8, 3.1 to 3.1.14 and earlier.
network
moodle CWE-352
6.8
6.8
2018-09-17 CVE-2018-14631 Cross-site Scripting vulnerability in Moodle
moodle before versions 3.5.2, 3.4.5, 3.3.8 is vulnerable to a boost theme - blog search GET parameter insufficiently filtered.
network
moodle CWE-79
4.3
4.3
2018-09-17 CVE-2018-14630 Code Injection vulnerability in Moodle
moodle before versions 3.5.2, 3.4.5, 3.3.8, 3.1.14 is vulnerable to an XML import of ddwtos could lead to intentional remote code execution.
network
low complexity
moodle CWE-94
6.5
6.5