Vulnerabilities > Moodle > Moodle > 3.9.14

DATE CVE VULNERABILITY TITLE RISK
2022-07-25 CVE-2022-35650 Improper Input Validation vulnerability in multiple products
The vulnerability was found in Moodle, occurs due to input validation error when importing lesson questions.
network
low complexity
moodle fedoraproject CWE-20
7.5
7.5
2022-07-25 CVE-2022-35651 Cross-site Scripting vulnerability in multiple products
A stored XSS and blind SSRF vulnerability was found in Moodle, occurs due to insufficient sanitization of user-supplied data in the SCORM track details.
network
low complexity
moodle redhat fedoraproject CWE-79
6.1
6.1
2022-07-25 CVE-2022-35652 Open Redirect vulnerability in multiple products
An open redirect issue was found in Moodle due to improper sanitization of user-supplied data in mobile auto-login feature.
network
low complexity
moodle fedoraproject CWE-601
6.1
6.1
2022-07-25 CVE-2022-35653 Cross-site Scripting vulnerability in multiple products
A reflected XSS issue was identified in the LTI module of Moodle.
network
low complexity
moodle fedoraproject redhat CWE-79
6.1
6.1