Moodle 3.X
Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:moodle_3.x:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Moodle 3.X (d1491e95-da4e-50ad-bf25-69f50d5bbc06) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2018-1045 |
vulnerable | 2026-06-08 05:11:16.718211 |
Details available
In Moodle 3.x, there is XSS via a calendar event name.
Published: 2018-01-22T08:00:00.000Z
Updated: 2024-08-05T03:44:11.832Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-1044 |
vulnerable | 2026-06-08 05:11:16.717579 |
Details available
In Moodle 3.x, quiz web services allow students to see quiz results when it is prohibited in the settings.
Published: 2018-01-22T08:00:00.000Z
Updated: 2024-08-05T03:44:11.807Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-1043 |
vulnerable | 2026-06-08 05:11:16.716853 |
Details available
In Moodle 3.x, the setting for blocked hosts list can be bypassed with multiple A record hostnames.
Published: 2018-01-22T08:00:00.000Z
Updated: 2024-08-05T03:44:11.848Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-1042 |
vulnerable | 2026-06-08 05:11:16.707871 |
Details available
Moodle 3.x has Server Side Request Forgery in the filepicker.
Published: 2018-01-22T08:00:00.000Z
Updated: 2024-08-05T03:44:11.829Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-2645 |
vulnerable | 2026-06-08 05:09:24.873858 |
Details available
In Moodle 3.x, XSS can occur via attachments to evidence of prior learning.
Published: 2017-03-26T18:00:00.000Z
Updated: 2024-08-05T14:02:07.145Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-2644 |
vulnerable | 2026-06-08 05:09:24.872997 |
Details available
In Moodle 3.x, XSS can occur via evidence of prior learning.
Published: 2017-03-26T18:00:00.000Z
Updated: 2024-08-05T14:02:06.992Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-2578 |
vulnerable | 2026-06-08 05:09:24.665884 |
Details available
In Moodle 3.x, there is XSS in the assignment submission page.
Published: 2017-01-20T08:39:00.000Z
Updated: 2024-08-05T13:55:06.094Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-15110 |
vulnerable | 2026-06-08 05:08:57.927534 |
Details available
In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students.
Published: 2017-11-20T14:00:00.000Z
Updated: 2024-08-05T19:50:16.042Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-12157 |
vulnerable | 2026-06-08 05:08:45.408524 |
Details available
In Moodle 3.x, various course reports allow teachers to view details about users in the groups they can't access.
Published: 2017-09-18T04:00:00.000Z
Updated: 2024-08-05T18:28:16.469Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-12156 |
vulnerable | 2026-06-08 05:08:45.386443 |
Details available
Moodle 3.x has XSS in the contact form on the "non-respondents" page in non-anonymous feedback.
Published: 2017-09-18T04:00:00.000Z
Updated: 2024-08-05T18:28:16.531Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.