3.9.24

DATE	CVE	VULNERABILITY TITLE	RISK
2024-11-07	CVE-2024-43425	Unspecified vulnerability in Moodle A flaw was found in Moodle. network high complexity moodle	8.1
2024-11-07	CVE-2024-43428	Unspecified vulnerability in Moodle To address a cache poisoning risk in Moodle, additional validation for local storage was required. local low complexity moodle	7.1
2024-11-07	CVE-2024-43431	Unspecified vulnerability in Moodle A vulnerability was found in Moodle. network low complexity moodle	7.5
2024-11-07	CVE-2024-43434	Unspecified vulnerability in Moodle The bulk message sending feature in Moodle's Feedback module's non-respondents report had an incorrect CSRF token check, leading to a CSRF vulnerability. network low complexity moodle	8.1
2024-11-07	CVE-2024-43440	Unspecified vulnerability in Moodle A flaw was found in moodle. network low complexity moodle	7.5
2024-06-18	CVE-2024-38276	Cross-Site Request Forgery (CSRF) vulnerability in multiple products Incorrect CSRF token checks resulted in multiple CSRF risks. network low complexity fedoraproject moodle CWE-352	8.8
2024-02-12	CVE-2024-1439	Unspecified vulnerability in Moodle Inadequate access control in Moodle LMS. local low complexity moodle	3.3
2021-01-28	CVE-2021-20183	Unspecified vulnerability in Moodle It was found in Moodle before version 3.10.1 that some search inputs were vulnerable to reflected XSS due to insufficient escaping of search queries. network low complexity moodle	5.4