Vulnerabilities > Moodle
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-06 | CVE-2021-36401 | Cross-site Scripting vulnerability in Moodle In Moodle, ID numbers exported in HTML data formats required additional sanitizing to prevent a local stored XSS risk. | 4.8 |
| 2023-03-06 | CVE-2021-36392 | SQL Injection vulnerability in Moodle In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses. | 9.8 |
| 2023-03-06 | CVE-2021-36393 | SQL Injection vulnerability in Moodle In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses. | 9.8 |
| 2023-03-06 | CVE-2021-36394 | Unspecified vulnerability in Moodle In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin. | 9.8 |
| 2023-03-06 | CVE-2021-36395 | Uncontrolled Recursion vulnerability in Moodle In Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service. | 7.5 |
| 2023-03-06 | CVE-2021-36396 | Server-Side Request Forgery (SSRF) vulnerability in Moodle In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk. | 7.5 |
| 2023-02-17 | CVE-2023-23921 | Cross-site Scripting vulnerability in Moodle The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in some returnurl parameters. | 6.1 |
| 2023-02-17 | CVE-2023-23922 | Cross-site Scripting vulnerability in Moodle The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. | 6.1 |
| 2023-02-17 | CVE-2023-23923 | Unspecified vulnerability in Moodle The vulnerability was found Moodle which exists due to insufficient limitations on the "start page" preference. | 8.2 |
| 2023-01-12 | CVE-2022-39183 | Open Redirect vulnerability in Moodle Saml Authentication Moodle Plugin - SAML Auth may allow Open Redirect through unspecified vectors. | 6.1 |