| 0 |
| url |
VCID-2s6b-tp6p-gue1 |
| vulnerability_id |
VCID-2s6b-tp6p-gue1 |
| summary |
Cross-Site Request Forgery (CSRF)
A sesskey (CSRF) token was not being utilised by the XML loading/unloading admin tool. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.5.7 |
| purl |
pkg:composer/moodle/moodle@3.5.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 1 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 2 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 3 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 6 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 7 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 8 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 9 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 10 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 13 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 14 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 15 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 16 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 17 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 18 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 19 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 20 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 21 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 22 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.7.1 |
| purl |
pkg:composer/moodle/moodle@3.7.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 1 |
| vulnerability |
VCID-3uvf-6ztd-xkaf |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-494p-pmxw-b7e2 |
|
| 4 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 5 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 6 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 7 |
| vulnerability |
VCID-c14d-1sa2-rkf6 |
|
| 8 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 9 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 10 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 13 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 14 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 15 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 16 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 17 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1 |
|
|
| aliases |
CVE-2019-10186, GHSA-wv9c-pfpm-4wc5
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2s6b-tp6p-gue1 |
|
| 1 |
| url |
VCID-65y9-9ur2-pugc |
| vulnerability_id |
VCID-65y9-9ur2-pugc |
| summary |
Improper Input Validation
There is incorrect sanitization of attributes in forums. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.0.0-beta |
| purl |
pkg:composer/moodle/moodle@3.0.0-beta |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 2 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 3 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 4 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 5 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 6 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 7 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 8 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 9 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 10 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 11 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 12 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 13 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 14 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 15 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 16 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 17 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 18 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 19 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 20 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 21 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 22 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 23 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.0-beta |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.0.8 |
| purl |
pkg:composer/moodle/moodle@3.0.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-9nd7-4wve-97hc |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 9 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 13 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 14 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 15 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 16 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 17 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 18 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 19 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 20 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 21 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 22 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 23 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 24 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 25 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 26 |
| vulnerability |
VCID-zgzm-wj81-jkah |
|
| 27 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 28 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.8 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.1.4 |
| purl |
pkg:composer/moodle/moodle@3.1.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 3 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 4 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 5 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 6 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 7 |
| vulnerability |
VCID-9nd7-4wve-97hc |
|
| 8 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 9 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 10 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 11 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 12 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 13 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 14 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 15 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 16 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 17 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 18 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 19 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 20 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 21 |
| vulnerability |
VCID-jn5n-6hg9-tyf7 |
|
| 22 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 23 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 24 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 25 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 26 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 27 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 28 |
| vulnerability |
VCID-q2fa-jymp-c3bb |
|
| 29 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 30 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 31 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 32 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 33 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 34 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 35 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 36 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 37 |
| vulnerability |
VCID-x927-nh46-7fdy |
|
| 38 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 39 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 40 |
| vulnerability |
VCID-yp82-zj5g-pbaf |
|
| 41 |
| vulnerability |
VCID-zgzm-wj81-jkah |
|
| 42 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 43 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.4 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.2.1 |
| purl |
pkg:composer/moodle/moodle@3.2.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2qjr-wjh1-8fh6 |
|
| 2 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 3 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 4 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 5 |
| vulnerability |
VCID-9nd7-4wve-97hc |
|
| 6 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 7 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 8 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 9 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 10 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 11 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 12 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 13 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 14 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 15 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 16 |
| vulnerability |
VCID-jn5n-6hg9-tyf7 |
|
| 17 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 18 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 19 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 20 |
| vulnerability |
VCID-nc2j-pay7-ryab |
|
| 21 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 22 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 23 |
| vulnerability |
VCID-q2fa-jymp-c3bb |
|
| 24 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 25 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 26 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 27 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 28 |
| vulnerability |
VCID-x927-nh46-7fdy |
|
| 29 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 30 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 31 |
| vulnerability |
VCID-yp82-zj5g-pbaf |
|
| 32 |
| vulnerability |
VCID-zgzm-wj81-jkah |
|
| 33 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 34 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.1 |
|
|
| aliases |
CVE-2017-2576, GHSA-cjrf-xg77-chpw
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-65y9-9ur2-pugc |
|
| 2 |
| url |
VCID-83kb-4mk9-t7ge |
| vulnerability_id |
VCID-83kb-4mk9-t7ge |
| summary |
Information Exposure
Students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.0-beta |
| purl |
pkg:composer/moodle/moodle@3.1.0-beta |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 3 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 9 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 10 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 11 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 12 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 13 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 14 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 15 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 16 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 17 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.1.9 |
| purl |
pkg:composer/moodle/moodle@3.1.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 3 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 4 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 7 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 8 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 9 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 10 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 11 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 12 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 13 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 14 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 15 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 16 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 17 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 18 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 19 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 20 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 21 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 22 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 23 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 24 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 25 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 26 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 27 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 28 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 29 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 30 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 31 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 32 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.9 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.2.6 |
| purl |
pkg:composer/moodle/moodle@3.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 3 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 4 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 5 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 6 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 7 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 8 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 9 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 10 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 11 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 12 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 13 |
| vulnerability |
VCID-nc2j-pay7-ryab |
|
| 14 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 15 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 16 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 17 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 18 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 19 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 20 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 21 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 22 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.6 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.3.3 |
| purl |
pkg:composer/moodle/moodle@3.3.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 2 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 5 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 6 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 7 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 10 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 11 |
| vulnerability |
VCID-fygy-9njn-abgd |
|
| 12 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 13 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 14 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 15 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 16 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 17 |
| vulnerability |
VCID-mmg3-7fz9-5uak |
|
| 18 |
| vulnerability |
VCID-nc2j-pay7-ryab |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 21 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 22 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 23 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 24 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 25 |
| vulnerability |
VCID-x9vd-njdz-jua9 |
|
| 26 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 27 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 28 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 29 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.3 |
|
|
| aliases |
CVE-2017-15110, GHSA-rjh8-w8jg-xwq5
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-83kb-4mk9-t7ge |
|
| 3 |
| url |
VCID-a6pb-47tu-afcg |
| vulnerability_id |
VCID-a6pb-47tu-afcg |
| summary |
Information Exposure
Moodle is vulnerable to information exposure of service tokens for users enrolled in the same course. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.7.2 |
| purl |
pkg:composer/moodle/moodle@3.7.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 1 |
| vulnerability |
VCID-3uvf-6ztd-xkaf |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 4 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 5 |
| vulnerability |
VCID-c14d-1sa2-rkf6 |
|
| 6 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 7 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 8 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 9 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 10 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 11 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 12 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 13 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 14 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 15 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 16 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.2 |
|
|
| aliases |
CVE-2020-1692, GHSA-9328-7pcw-vw69
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-a6pb-47tu-afcg |
|
| 4 |
| url |
VCID-ajkr-fxa1-mkhk |
| vulnerability_id |
VCID-ajkr-fxa1-mkhk |
| summary |
Cross-site Scripting
Moodle is vulnerable to XSS via a calendar event name. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.10 |
| purl |
pkg:composer/moodle/moodle@3.1.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 3 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 4 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 9 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 12 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 13 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 14 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 17 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 18 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 19 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 22 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 23 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 28 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 29 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.10 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.2.7 |
| purl |
pkg:composer/moodle/moodle@3.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 3 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 6 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 7 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 8 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 9 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 10 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 11 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 12 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 13 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 14 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 15 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 16 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 17 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.7 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.3.4 |
| purl |
pkg:composer/moodle/moodle@3.3.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 2 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 5 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 6 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 7 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 8 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 9 |
| vulnerability |
VCID-fygy-9njn-abgd |
|
| 10 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 13 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 14 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 15 |
| vulnerability |
VCID-mmg3-7fz9-5uak |
|
| 16 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 17 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 18 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 19 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 20 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 21 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 22 |
| vulnerability |
VCID-x9vd-njdz-jua9 |
|
| 23 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 24 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 25 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.4 |
|
|
| aliases |
CVE-2018-1045, GHSA-595j-wpfg-23w4
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ajkr-fxa1-mkhk |
|
| 5 |
| url |
VCID-bjnq-q2nd-1khp |
| vulnerability_id |
VCID-bjnq-q2nd-1khp |
| summary |
Cross-Site Request Forgery (CSRF)
The login form is not protected by a token to prevent login cross-site request forgery. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.0-beta |
| purl |
pkg:composer/moodle/moodle@3.1.0-beta |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 3 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 9 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 10 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 11 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 12 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 13 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 14 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 15 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 16 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 17 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.1.15 |
| purl |
pkg:composer/moodle/moodle@3.1.15 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 5 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 6 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 7 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 8 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 9 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 10 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 11 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 12 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 13 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 14 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 15 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 16 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 17 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 18 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 19 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.15 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.4.6 |
| purl |
pkg:composer/moodle/moodle@3.4.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 3 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 9 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 10 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 11 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 12 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 13 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 14 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 15 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 16 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 17 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.6 |
|
| 4 |
| url |
pkg:composer/moodle/moodle@3.5.3 |
| purl |
pkg:composer/moodle/moodle@3.5.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 3 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 4 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 5 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 6 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 7 |
| vulnerability |
VCID-akv3-zfp8-kkc7 |
|
| 8 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 9 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 10 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 11 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 12 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 13 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 14 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 15 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 16 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 17 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 18 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 19 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 20 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 21 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 22 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 23 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 24 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 25 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 26 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 27 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 28 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 29 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 30 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 31 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 32 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 33 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 34 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 35 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 36 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.3 |
|
|
| aliases |
CVE-2018-16854, GHSA-xj5f-qv37-r9jc
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bjnq-q2nd-1khp |
|
| 6 |
| url |
VCID-duna-st9c-mqbk |
| vulnerability_id |
VCID-duna-st9c-mqbk |
| summary |
Information Exposure
In Moodle, the quiz web services allow students to see quiz results when it is prohibited in the settings. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.10 |
| purl |
pkg:composer/moodle/moodle@3.1.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 3 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 4 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 9 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 12 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 13 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 14 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 17 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 18 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 19 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 22 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 23 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 28 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 29 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.10 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.2.7 |
| purl |
pkg:composer/moodle/moodle@3.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 3 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 6 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 7 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 8 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 9 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 10 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 11 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 12 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 13 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 14 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 15 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 16 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 17 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.7 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.3.4 |
| purl |
pkg:composer/moodle/moodle@3.3.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 2 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 5 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 6 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 7 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 8 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 9 |
| vulnerability |
VCID-fygy-9njn-abgd |
|
| 10 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 13 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 14 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 15 |
| vulnerability |
VCID-mmg3-7fz9-5uak |
|
| 16 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 17 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 18 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 19 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 20 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 21 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 22 |
| vulnerability |
VCID-x9vd-njdz-jua9 |
|
| 23 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 24 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 25 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.4 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.4.1 |
| purl |
pkg:composer/moodle/moodle@3.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 3 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 6 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 7 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 8 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 9 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 10 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 11 |
| vulnerability |
VCID-fygy-9njn-abgd |
|
| 12 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 13 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 14 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 17 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 18 |
| vulnerability |
VCID-mmg3-7fz9-5uak |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 21 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 22 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 23 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 24 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 25 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 26 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 27 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 28 |
| vulnerability |
VCID-x9vd-njdz-jua9 |
|
| 29 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.1 |
|
|
| aliases |
CVE-2018-1044, GHSA-332g-xh34-5c96
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-duna-st9c-mqbk |
|
| 7 |
| url |
VCID-eu27-a3px-87ed |
| vulnerability_id |
VCID-eu27-a3px-87ed |
| summary |
Improper Access Control
Teachers in an assignment group could modify group overrides for other groups in the same assignment. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.5.7 |
| purl |
pkg:composer/moodle/moodle@3.5.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 1 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 2 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 3 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 6 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 7 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 8 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 9 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 10 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 13 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 14 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 15 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 16 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 17 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 18 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 19 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 20 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 21 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 22 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.7.1 |
| purl |
pkg:composer/moodle/moodle@3.7.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 1 |
| vulnerability |
VCID-3uvf-6ztd-xkaf |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-494p-pmxw-b7e2 |
|
| 4 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 5 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 6 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 7 |
| vulnerability |
VCID-c14d-1sa2-rkf6 |
|
| 8 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 9 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 10 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 13 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 14 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 15 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 16 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 17 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1 |
|
|
| aliases |
CVE-2019-10189, GHSA-h7xp-7fjp-ghhc
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-eu27-a3px-87ed |
|
| 8 |
|
| 9 |
| url |
VCID-k73h-z6j8-gkgz |
| vulnerability_id |
VCID-k73h-z6j8-gkgz |
| summary |
Information Exposure
The `/userpix/` page did not escape users' full names, which are included as text when hovering over profile images. Note this page is not linked to by default and its access is restricted. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.0-beta |
| purl |
pkg:composer/moodle/moodle@3.1.0-beta |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 3 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 9 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 10 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 11 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 12 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 13 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 14 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 15 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 16 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 17 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.1.15 |
| purl |
pkg:composer/moodle/moodle@3.1.15 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 5 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 6 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 7 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 8 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 9 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 10 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 11 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 12 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 13 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 14 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 15 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 16 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 17 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 18 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 19 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.15 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.1.16 |
| purl |
pkg:composer/moodle/moodle@3.1.16 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 3 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 4 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 5 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 6 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 7 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 8 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 9 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 10 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 11 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 12 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 13 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 14 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 15 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 16 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.16 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.4.6 |
| purl |
pkg:composer/moodle/moodle@3.4.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 3 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 9 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 10 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 11 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 12 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 13 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 14 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 15 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 16 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 17 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.6 |
|
| 4 |
| url |
pkg:composer/moodle/moodle@3.4.7 |
| purl |
pkg:composer/moodle/moodle@3.4.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 3 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 4 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 5 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 6 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 7 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 8 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 9 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 10 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 11 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 12 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 13 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 14 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 15 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 16 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.7 |
|
| 5 |
| url |
pkg:composer/moodle/moodle@3.5.3 |
| purl |
pkg:composer/moodle/moodle@3.5.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 3 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 4 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 5 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 6 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 7 |
| vulnerability |
VCID-akv3-zfp8-kkc7 |
|
| 8 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 9 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 10 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 11 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 12 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 13 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 14 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 15 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 16 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 17 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 18 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 19 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 20 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 21 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 22 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 23 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 24 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 25 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 26 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 27 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 28 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 29 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 30 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 31 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 32 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 33 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 34 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 35 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 36 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.3 |
|
| 6 |
| url |
pkg:composer/moodle/moodle@3.5.4 |
| purl |
pkg:composer/moodle/moodle@3.5.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 4 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-akv3-zfp8-kkc7 |
|
| 7 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 8 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 9 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 10 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 11 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 12 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 13 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 14 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 15 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 16 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 17 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 18 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 19 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 20 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 21 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 22 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 23 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 24 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 25 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 26 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 27 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 28 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 29 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 30 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 31 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 32 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 33 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 34 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.4 |
|
| 7 |
| url |
pkg:composer/moodle/moodle@3.6.1 |
| purl |
pkg:composer/moodle/moodle@3.6.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 3 |
| vulnerability |
VCID-akv3-zfp8-kkc7 |
|
| 4 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 5 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 6 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 7 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 8 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 9 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 10 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 11 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 12 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 13 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 14 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 15 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 16 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 17 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 18 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 19 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 20 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 21 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 22 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.1 |
|
| 8 |
| url |
pkg:composer/moodle/moodle@3.6.2 |
| purl |
pkg:composer/moodle/moodle@3.6.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-akv3-zfp8-kkc7 |
|
| 3 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 6 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 7 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 8 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 9 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 10 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 11 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 12 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 13 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 14 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 15 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 16 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 17 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 18 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 19 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 20 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.2 |
|
|
| aliases |
CVE-2019-3810, GHSA-wm4w-8vc6-2j4h
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k73h-z6j8-gkgz |
|
| 10 |
|
| 11 |
| url |
VCID-m4zv-e3dn-budf |
| vulnerability_id |
VCID-m4zv-e3dn-budf |
| summary |
Improper Access Control
Unauthenticated users can trigger custom messages to admin via paypal enrol script. Paypal IPN callback script should only send error emails to admin after request origin was verified, otherwise admin email can be spammed. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.0-beta |
| purl |
pkg:composer/moodle/moodle@3.1.0-beta |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 3 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 9 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 10 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 11 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 12 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 13 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 14 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 15 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 16 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 17 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.1.11 |
| purl |
pkg:composer/moodle/moodle@3.1.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 3 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 4 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 9 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 12 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 13 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 14 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 17 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 18 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 19 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 20 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 24 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 25 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 26 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 27 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 28 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.11 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.2.8 |
| purl |
pkg:composer/moodle/moodle@3.2.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 3 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 6 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 7 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 8 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 9 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 10 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 11 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 12 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 13 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 14 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 15 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 16 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 17 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.8 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.3.5 |
| purl |
pkg:composer/moodle/moodle@3.3.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 2 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 5 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 6 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 7 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 8 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 9 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 10 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 11 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 12 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 13 |
| vulnerability |
VCID-mmg3-7fz9-5uak |
|
| 14 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 15 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 16 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 17 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 18 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 19 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 20 |
| vulnerability |
VCID-x9vd-njdz-jua9 |
|
| 21 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 22 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 23 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.5 |
|
| 4 |
| url |
pkg:composer/moodle/moodle@3.4.2 |
| purl |
pkg:composer/moodle/moodle@3.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 3 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 6 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 7 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 8 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 9 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 10 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 11 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 14 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 15 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 16 |
| vulnerability |
VCID-mmg3-7fz9-5uak |
|
| 17 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 18 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 19 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 20 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 24 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 25 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 26 |
| vulnerability |
VCID-x9vd-njdz-jua9 |
|
| 27 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 28 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 29 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.2 |
|
|
| aliases |
CVE-2018-1081, GHSA-v9xq-vh72-chr4
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m4zv-e3dn-budf |
|
| 12 |
| url |
VCID-mkfz-e1ft-2bcw |
| vulnerability_id |
VCID-mkfz-e1ft-2bcw |
| summary |
Code Injection
It was found in Moodle that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2021-20187, GHSA-2jrm-gww7-wch2
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mkfz-e1ft-2bcw |
|
| 13 |
| url |
VCID-nntc-dsz1-e3fp |
| vulnerability_id |
VCID-nntc-dsz1-e3fp |
| summary |
Cross-site Scripting
It was found in Moodle that if the TeX notation filter was enabled, additional sanitizing of TeX content was required to prevent the risk of stored XSS. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2021-20186, GHSA-h8m4-h385-qhqv
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nntc-dsz1-e3fp |
|
| 14 |
| url |
VCID-qhv1-wgpm-7fh6 |
| vulnerability_id |
VCID-qhv1-wgpm-7fh6 |
| summary |
Improper Authorization
Users could assign themselves an escalated role within courses or content accessed via LTI, by modifying the request to the LTI publisher site. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.5.5 |
| purl |
pkg:composer/moodle/moodle@3.5.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 4 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 7 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 8 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 9 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 12 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 13 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 14 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 15 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 16 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 17 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 18 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 19 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 20 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 21 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 22 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 23 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 24 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 25 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 26 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 27 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.6.3 |
| purl |
pkg:composer/moodle/moodle@3.6.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 3 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 4 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 9 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 10 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 11 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 12 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 13 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 14 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 15 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3 |
|
|
| aliases |
CVE-2019-3849, GHSA-5wg9-5w3f-hxmh
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qhv1-wgpm-7fh6 |
|
| 15 |
| url |
VCID-r6kn-b963-eqge |
| vulnerability_id |
VCID-r6kn-b963-eqge |
| summary |
URL Redirection to Untrusted Site (Open Redirect)
Links within assignment submission comments would open directly (in the same window). Although links themselves may be valid, opening within the same window and without the no-referrer header policy made them more susceptible to exploits. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.17 |
| purl |
pkg:composer/moodle/moodle@3.1.17 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 3 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 4 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 5 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 6 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 7 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 8 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 9 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 10 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 11 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 12 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 13 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 14 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.17 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.5.5 |
| purl |
pkg:composer/moodle/moodle@3.5.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 4 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 7 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 8 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 9 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 12 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 13 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 14 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 15 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 16 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 17 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 18 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 19 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 20 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 21 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 22 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 23 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 24 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 25 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 26 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 27 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.6.3 |
| purl |
pkg:composer/moodle/moodle@3.6.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 3 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 4 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 9 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 10 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 11 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 12 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 13 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 14 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 15 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3 |
|
|
| aliases |
CVE-2019-3850, GHSA-3fj7-9j8m-7r8g
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-r6kn-b963-eqge |
|
| 16 |
| url |
VCID-s6uu-335k-yfbc |
| vulnerability_id |
VCID-s6uu-335k-yfbc |
| summary |
Improper Input Validation
Users with the "login as other users" capability (such as administrators/managers) can access other users' Dashboards, but the JavaScript those other users may have added to their Dashboard was not being escaped when being viewed by the user logging in on their behalf. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.17 |
| purl |
pkg:composer/moodle/moodle@3.1.17 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 3 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 4 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 5 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 6 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 7 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 8 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 9 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 10 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 11 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 12 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 13 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 14 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.17 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.5.5 |
| purl |
pkg:composer/moodle/moodle@3.5.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 4 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 7 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 8 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 9 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 12 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 13 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 14 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 15 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 16 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 17 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 18 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 19 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 20 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 21 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 22 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 23 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 24 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 25 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 26 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 27 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.6.3 |
| purl |
pkg:composer/moodle/moodle@3.6.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 3 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 4 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 9 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 10 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 11 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 12 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 13 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 14 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 15 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3 |
|
|
| aliases |
CVE-2019-3847, GHSA-qrcj-6fjw-3h9h
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s6uu-335k-yfbc |
|
| 17 |
| url |
VCID-vfp6-4h8n-bkax |
| vulnerability_id |
VCID-vfp6-4h8n-bkax |
| summary |
Code Injection
Moodle is vulnerable to an XML import of ddwtos could lead to intentional remote code execution. When importing legacy `drag and drop into text` (ddwtos) type quiz questions, it was possible to inject and execute PHP code from within the imported questions, either intentionally or by importing questions from an untrusted source. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.0-beta |
| purl |
pkg:composer/moodle/moodle@3.1.0-beta |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 3 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 9 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 10 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 11 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 12 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 13 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 14 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 15 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 16 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 17 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.1.14 |
| purl |
pkg:composer/moodle/moodle@3.1.14 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 5 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 6 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 7 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 8 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 9 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 10 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 11 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 12 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 13 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 14 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 15 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 16 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 17 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 18 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 19 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 20 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.14 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.3.8 |
| purl |
pkg:composer/moodle/moodle@3.3.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 3 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 4 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 5 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 6 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 7 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 8 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 9 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 10 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 11 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 12 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 13 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.8 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.4.5 |
| purl |
pkg:composer/moodle/moodle@3.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 3 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 4 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 5 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 6 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 7 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 8 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 9 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 10 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 11 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 12 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 13 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 14 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 15 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 16 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 17 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 18 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 19 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.5 |
|
| 4 |
| url |
pkg:composer/moodle/moodle@3.5.2 |
| purl |
pkg:composer/moodle/moodle@3.5.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 3 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 4 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 5 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 6 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 7 |
| vulnerability |
VCID-akv3-zfp8-kkc7 |
|
| 8 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 9 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 10 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 11 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 12 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 13 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 14 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 15 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 16 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 17 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 18 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 19 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 20 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 21 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 22 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 23 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 24 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 25 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 26 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 27 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 28 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 29 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 30 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 31 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 32 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 33 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 34 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 35 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 36 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 37 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.2 |
|
|
| aliases |
CVE-2018-14630, GHSA-c3pr-h96w-2jjg
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vfp6-4h8n-bkax |
|
| 18 |
| url |
VCID-w9ca-exua-g7ar |
| vulnerability_id |
VCID-w9ca-exua-g7ar |
| summary |
Improper Access Control
Teachers in a quiz group could modify group overrides for other groups in the same quiz. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.5.7 |
| purl |
pkg:composer/moodle/moodle@3.5.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 1 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 2 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 3 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 6 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 7 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 8 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 9 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 10 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 13 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 14 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 15 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 16 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 17 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 18 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 19 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 20 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 21 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 22 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.7.1 |
| purl |
pkg:composer/moodle/moodle@3.7.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 1 |
| vulnerability |
VCID-3uvf-6ztd-xkaf |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-494p-pmxw-b7e2 |
|
| 4 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 5 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 6 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 7 |
| vulnerability |
VCID-c14d-1sa2-rkf6 |
|
| 8 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 9 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 10 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 13 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 14 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 15 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 16 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 17 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1 |
|
|
| aliases |
CVE-2019-10188, GHSA-92q5-2h76-vgmj
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-w9ca-exua-g7ar |
|
| 19 |
| url |
VCID-x7rg-rsb5-pya7 |
| vulnerability_id |
VCID-x7rg-rsb5-pya7 |
| summary |
Improper Access Control
Users with permission to delete entries from a glossary were able to delete entries from other glossaries they did not have direct access to. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.5.7 |
| purl |
pkg:composer/moodle/moodle@3.5.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 1 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 2 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 3 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 6 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 7 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 8 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 9 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 10 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 13 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 14 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 15 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 16 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 17 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 18 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 19 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 20 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 21 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 22 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.7.1 |
| purl |
pkg:composer/moodle/moodle@3.7.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 1 |
| vulnerability |
VCID-3uvf-6ztd-xkaf |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-494p-pmxw-b7e2 |
|
| 4 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 5 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 6 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 7 |
| vulnerability |
VCID-c14d-1sa2-rkf6 |
|
| 8 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 9 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 10 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 13 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 14 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 15 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 16 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 17 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1 |
|
|
| aliases |
CVE-2019-10187, GHSA-2mg9-hv69-897x
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-x7rg-rsb5-pya7 |
|
| 20 |
| url |
VCID-y8up-cqtu-jkdw |
| vulnerability_id |
VCID-y8up-cqtu-jkdw |
| summary |
Cross-site Scripting
Persistent XSS in `/course/modedit.php` of Moodle allows authenticated users (Teacher) to inject JavaScript into the session of another user (e.g., enrolled student or site administrator) via the `introeditor[text]` parameter. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.7.3 |
| purl |
pkg:composer/moodle/moodle@3.7.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 1 |
| vulnerability |
VCID-3uvf-6ztd-xkaf |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 4 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 5 |
| vulnerability |
VCID-c14d-1sa2-rkf6 |
|
| 6 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 7 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 8 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 9 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 10 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 11 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 12 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 13 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.3 |
|
|
| aliases |
CVE-2019-18210, GHSA-q6vw-27c6-jv9c
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y8up-cqtu-jkdw |
|
| 21 |
| url |
VCID-yghg-775s-vber |
| vulnerability_id |
VCID-yghg-775s-vber |
| summary |
Server-Side Request Forgery (SSRF)
Moodle has Server Side Request Forgery in the `filepicker`. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.10 |
| purl |
pkg:composer/moodle/moodle@3.1.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 3 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 4 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 9 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 12 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 13 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 14 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 17 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 18 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 19 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 22 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 23 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 28 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 29 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.10 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.2.7 |
| purl |
pkg:composer/moodle/moodle@3.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 3 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 6 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 7 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 8 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 9 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 10 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 11 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 12 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 13 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 14 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 15 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 16 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 17 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.7 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.3.4 |
| purl |
pkg:composer/moodle/moodle@3.3.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 2 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 5 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 6 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 7 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 8 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 9 |
| vulnerability |
VCID-fygy-9njn-abgd |
|
| 10 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 13 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 14 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 15 |
| vulnerability |
VCID-mmg3-7fz9-5uak |
|
| 16 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 17 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 18 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 19 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 20 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 21 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 22 |
| vulnerability |
VCID-x9vd-njdz-jua9 |
|
| 23 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 24 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 25 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.4 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.4.1 |
| purl |
pkg:composer/moodle/moodle@3.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 3 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 6 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 7 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 8 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 9 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 10 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 11 |
| vulnerability |
VCID-fygy-9njn-abgd |
|
| 12 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 13 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 14 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 17 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 18 |
| vulnerability |
VCID-mmg3-7fz9-5uak |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 21 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 22 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 23 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 24 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 25 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 26 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 27 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 28 |
| vulnerability |
VCID-x9vd-njdz-jua9 |
|
| 29 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.1 |
|
|
| aliases |
CVE-2018-1042, GHSA-qqjv-mc2v-p7mc
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yghg-775s-vber |
|
| 22 |
| url |
VCID-zjrq-np3y-hua5 |
| vulnerability_id |
VCID-zjrq-np3y-hua5 |
| summary |
Information Exposure
Permissions were not correctly checked before loading event information into the calendar's edit event modal popup, so logged in non-guest users could view unauthorised calendar events. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.5.5 |
| purl |
pkg:composer/moodle/moodle@3.5.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 4 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 7 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 8 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 9 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 12 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 13 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 14 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 15 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 16 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 17 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 18 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 19 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 20 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 21 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 22 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 23 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 24 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 25 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 26 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 27 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.6.3 |
| purl |
pkg:composer/moodle/moodle@3.6.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 3 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 4 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 9 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 10 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 11 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 12 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 13 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 14 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 15 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3 |
|
|
| aliases |
CVE-2019-3848, GHSA-45rw-4r25-jvg7
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zjrq-np3y-hua5 |
|
| 23 |
| url |
VCID-zwkk-zazw-6fgg |
| vulnerability_id |
VCID-zwkk-zazw-6fgg |
| summary |
Improper Validation of Integrity Check Value
It was found in Moodle that a insufficient capability checks in some grade related web services meant students were able to view other students grades. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2021-20184, GHSA-mm73-86f9-5x5c
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zwkk-zazw-6fgg |
|