Vulnerabilities > Moodle > Moodle > 3.9.21

DATE CVE VULNERABILITY TITLE RISK
2023-06-22 CVE-2023-35132 SQL Injection vulnerability in Moodle
A limited SQL injection risk was identified on the Mnet SSO access control page.
network
low complexity
moodle CWE-89
6.3
6.3
2023-06-22 CVE-2023-35133 Server-Side Request Forgery (SSRF) vulnerability in Moodle
An issue in the logic used to check 0.0.0.0 against the cURL blocked hosts lists resulted in an SSRF risk.
network
low complexity
moodle CWE-918
7.5
7.5