Approved changes feed: RSS · Atom

cpe:2.3:a:moodle:moodle:2.2.10:*:*:*:*:*:*:*

part: a version: 2.2.10 update: *

VendorMoodle (1f527b56-744d-5be6-b0f4-b691bd50b8c3)
ProductMoodle (221dc9da-2dde-53d2-a358-e0cb5ac858f7)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:docker/bitnami/moodle purl2cpe 2026-06-01 10:13:14.068175
pkg:github/moodle/moodle purl2cpe 2026-06-01 10:13:14.068177
pkg:rpm/fedora/moodle purl2cpe 2026-06-01 10:13:14.068178
pkg:rpm/opensuse/moodle purl2cpe 2026-06-01 10:13:14.068179

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2014-3617 vulnerable 2026-06-08 05:05:41.826586 Details available
The forum_print_latest_discussions function in mod/forum/lib.php in Moodle through 2.4.11, 2.5.x before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2 allows remote authenticated users to bypass the individual answer-posting requirement without the mod/forum:viewqandawithoutposting capability, and discover an author's username, by leveraging the student role and visiting a Q&A forum.
Published: 2014-09-15T14:00:00.000Z
Updated: 2024-08-06T10:50:17.677Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-2571 vulnerable 2026-06-08 05:05:29.217444 Details available
Cross-site scripting (XSS) vulnerability in the quiz_question_tostring function in mod/quiz/editlib.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote authenticated users to inject arbitrary web script or HTML via a quiz question.
Published: 2014-03-22T01:00:00.000Z
Updated: 2024-08-06T10:21:34.688Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0218 vulnerable 2026-06-08 05:05:12.240038 Details available
Cross-site scripting (XSS) vulnerability in the URL downloader repository in repository/url/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Published: 2014-05-27T00:00:00.000Z
Updated: 2024-08-06T09:05:39.281Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0216 vulnerable 2026-06-08 05:05:12.238055 Details available
The My Home implementation in the block_html_pluginfile function in blocks/html/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 does not properly restrict file access, which allows remote attackers to obtain sensitive information by visiting an HTML block.
Published: 2014-05-27T00:00:00.000Z
Updated: 2024-08-06T09:05:39.294Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0215 vulnerable 2026-06-08 05:05:12.236450 Details available
The blind-marking implementation in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote authenticated users to de-anonymize student identities by (1) using a screen reader or (2) reading the HTML source.
Published: 2014-05-27T00:00:00.000Z
Updated: 2024-08-06T09:05:39.276Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0214 vulnerable 2026-06-08 05:05:12.234749 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0213 vulnerable 2026-06-08 05:05:12.224778 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0129 vulnerable 2026-06-08 05:05:11.707946 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0127 vulnerable 2026-06-08 05:05:11.625207 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0126 vulnerable 2026-06-08 05:05:11.623515 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0125 vulnerable 2026-06-08 05:05:11.621943 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0124 vulnerable 2026-06-08 05:05:11.620453 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0123 vulnerable 2026-06-08 05:05:11.618882 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0122 vulnerable 2026-06-08 05:05:11.617306 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0010 vulnerable 2026-06-08 05:05:10.553438 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0009 vulnerable 2026-06-08 05:05:10.541687 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-7341 vulnerable 2026-06-08 05:05:09.987334 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-4942 vulnerable 2026-06-08 05:04:50.273229 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-4941 vulnerable 2026-06-08 05:04:50.271776 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-4940 vulnerable 2026-06-08 05:04:50.270222 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-4939 vulnerable 2026-06-08 05:04:50.251413 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-4938 vulnerable 2026-06-08 05:04:50.250172 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-4525 vulnerable 2026-06-08 05:04:47.897760 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-4524 vulnerable 2026-06-08 05:04:47.894745 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-4523 vulnerable 2026-06-08 05:04:47.891673 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-4522 vulnerable 2026-06-08 05:04:47.878856 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-4313 vulnerable 2026-06-08 05:04:35.406500 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-3630 vulnerable 2026-06-08 05:04:32.411302 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-2246 vulnerable 2026-06-08 05:04:23.881170 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-2245 vulnerable 2026-06-08 05:04:23.880038 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-2243 vulnerable 2026-06-08 05:04:23.875861 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-2242 vulnerable 2026-06-08 05:04:23.867510 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-2080 vulnerable 2026-06-08 05:03:58.285887 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-6087 vulnerable 2026-06-08 05:02:59.340336 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.