Vulnerabilidades en The Moodle Project

5 resultados

CVE-2019-10186MEDIUMA flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. A sesskey (CSRF) token was not being utilised by the XML loading/unloading aEPSS 1.1%CVE-2019-10187MEDIUMA flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Users with permission to delete entries from a glossary were able to delete EPSS 0.9%CVE-2019-10188MEDIUMA flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in a quiz group could modify group overrides for other groups in thEPSS 0.9%CVE-2019-10189MEDIUMA flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groupEPSS 0.9%CVE-2020-1692HIGHMoodle before version 3.7.2 is vulnerable to information exposure of service tokens for users enrolled in the same course.EPSS 0.6%