Vulnerabilities > Moodle > Moodle > 3.7.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-31 | CVE-2019-14880 | Unspecified vulnerability in Moodle A vulnerability was found in Moodle versions 3.7 before 3.7.3, 3.6 before 3.6.7, 3.5 before 3.5.9 and earlier. | 6.4 |
| 2020-03-18 | CVE-2019-14884 | Cross-site Scripting vulnerability in Moodle A vulnerability was found in Moodle 3.7 before 3.73, 3.6 before 3.6.7 and 3.5 before 3.5.9, where a reflected XSS possible from some fatal error messages. | 4.3 |
| 2020-03-18 | CVE-2019-14883 | Incorrect Authorization vulnerability in Moodle A vulnerability was found in Moodle 3.6 before 3.6.7 and 3.7 before 3.7.3, where tokens used to fetch inline atachments in email notifications were not disabled when a user's account was no longer active. | 4.3 |
| 2020-03-18 | CVE-2019-14882 | Open Redirect vulnerability in Moodle A vulnerability was found in Moodle 3.7 to 3.7.3, 3.6 to 3.6.7, 3.5 to 3.5.9 and earlier where an open redirect existed in the Lesson edit page. | 5.8 |
| 2020-01-07 | CVE-2019-14879 | Improper Check for Dropped Privileges vulnerability in Moodle A vulnerability was found in Moodle versions 3.7.x before 3.7.3, 3.6.x before 3.6.7 and 3.5.x before 3.5.9. | 5.5 |