Vulnerabilities > Moodle > Moodle > 3.5.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-03-25 | CVE-2019-3808 | Cross-site Scripting vulnerability in Moodle A flaw was found in Moodle versions 3.6 to 3.6.1, 3.5 to 3.5.3, 3.4 to 3.4.6, 3.1 to 3.1.15 and earlier unsupported versions. | 4.0 |
2019-03-21 | CVE-2019-6970 | Server-Side Request Forgery (SSRF) vulnerability in Moodle Moodle 3.5.x before 3.5.4 allows SSRF. | 6.0 |
2018-11-26 | CVE-2018-16854 | Cross-Site Request Forgery (CSRF) vulnerability in Moodle A flaw was found in moodle versions 3.5 to 3.5.2, 3.4 to 3.4.5, 3.3 to 3.3.8, 3.1 to 3.1.14 and earlier. | 6.8 |
2018-09-17 | CVE-2018-14631 | Cross-site Scripting vulnerability in Moodle moodle before versions 3.5.2, 3.4.5, 3.3.8 is vulnerable to a boost theme - blog search GET parameter insufficiently filtered. | 4.3 |
2018-09-17 | CVE-2018-14630 | Code Injection vulnerability in Moodle moodle before versions 3.5.2, 3.4.5, 3.3.8, 3.1.14 is vulnerable to an XML import of ddwtos could lead to intentional remote code execution. | 6.5 |