Filtered by vendor Moodle Subscriptions
Total 544 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-1402 1 Moodle 1 Moodle 2024-08-02 4.3 Medium
The course participation report required additional checks to prevent roles being displayed which the user did not have access to view.
CVE-2024-38275 1 Moodle 1 Moodle 2024-08-02 7.5 High
The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.
CVE-2024-37674 1 Moodle 1 Moodle 2024-08-02 5.5 Medium
Cross Site Scripting vulnerability in Moodle CMS v3.10 allows a remote attacker to execute arbitrary code via the Field Name (name parameter) of a new activity.
CVE-2024-34009 1 Moodle 1 Moodle 2024-08-02 7.5 High
Insufficient checks whether ReCAPTCHA was enabled made it possible to bypass the checks on the login page. This did not affect other pages where ReCAPTCHA is utilized.