Lucene search

The Moodle Project Security Vulnerabilities

cve

CVE-2020-1692

Moodle before version 3.7.2 is vulnerable to information exposure of service tokens for users enrolled in the same...

8.1CVSS

6.2AI Score

0.001EPSS

2020-02-17 04:15 PM

cve

CVE-2019-10186

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. A sesskey (CSRF) token was not being utilised by the XML loading/unloading admin...

8.8CVSS

8.6AI Score

0.004EPSS

2019-07-31 10:15 PM

cve

CVE-2019-10189

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same...

4.3CVSS

4.7AI Score

0.001EPSS

2019-07-31 10:15 PM

In Wild

cve

CVE-2019-10188

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in a quiz group could modify group overrides for other groups in the same...

4.3CVSS

4.7AI Score

0.001EPSS

2019-07-31 10:15 PM

cve

CVE-2019-10187

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Users with permission to delete entries from a glossary were able to delete entries from other glossaries they did not have direct access...

4.3CVSS

4.6AI Score

0.001EPSS

2019-07-31 10:15 PM