Vulnerabilities > Moodle > Moodle > 3.5.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-31 | CVE-2019-14880 | Unspecified vulnerability in Moodle A vulnerability was found in Moodle versions 3.7 before 3.7.3, 3.6 before 3.6.7, 3.5 before 3.5.9 and earlier. | 6.4 |
| 2020-03-18 | CVE-2019-14884 | Cross-site Scripting vulnerability in Moodle A vulnerability was found in Moodle 3.7 before 3.73, 3.6 before 3.6.7 and 3.5 before 3.5.9, where a reflected XSS possible from some fatal error messages. | 4.3 |
| 2020-03-18 | CVE-2019-14882 | Open Redirect vulnerability in Moodle A vulnerability was found in Moodle 3.7 to 3.7.3, 3.6 to 3.6.7, 3.5 to 3.5.9 and earlier where an open redirect existed in the Lesson edit page. | 5.8 |
| 2020-02-17 | CVE-2020-1692 | Unspecified vulnerability in Moodle Moodle before version 3.7.2 is vulnerable to information exposure of service tokens for users enrolled in the same course. | 6.5 |
| 2020-02-11 | CVE-2019-18210 | Cross-site Scripting vulnerability in Moodle Persistent XSS in /course/modedit.php of Moodle through 3.7.2 allows authenticated users (Teacher and above) to inject JavaScript into the session of another user (e.g., enrolled student or site administrator) via the introeditor[text] parameter. | 3.5 |
| 2020-01-07 | CVE-2019-14879 | Improper Check for Dropped Privileges vulnerability in Moodle A vulnerability was found in Moodle versions 3.7.x before 3.7.3, 3.6.x before 3.6.7 and 3.5.x before 3.5.9. | 5.5 |
| 2019-07-31 | CVE-2019-10189 | Improper Access Control vulnerability in Moodle A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. | 4.0 |
| 2019-07-31 | CVE-2019-10188 | Improper Access Control vulnerability in Moodle A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. | 4.0 |
| 2019-07-31 | CVE-2019-10187 | Improper Access Control vulnerability in Moodle A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. | 4.0 |
| 2019-07-31 | CVE-2019-10186 | Cross-Site Request Forgery (CSRF) vulnerability in Moodle A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. | 8.8 |