Moodle 2.2.11
Approved changes feed: RSS · Atom
cpe:2.3:a:moodle:moodle:2.2.11:*:*:*:*:*:*:*
part: a version: 2.2.11 update: *
| Vendor | Moodle (1f527b56-744d-5be6-b0f4-b691bd50b8c3) |
|---|---|
| Product | Moodle (221dc9da-2dde-53d2-a358-e0cb5ac858f7) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:docker/bitnami/moodle |
purl2cpe | 2026-06-01 10:13:14.068181 |
pkg:github/moodle/moodle |
purl2cpe | 2026-06-01 10:13:14.068182 |
pkg:rpm/fedora/moodle |
purl2cpe | 2026-06-01 10:13:14.068183 |
pkg:rpm/opensuse/moodle |
purl2cpe | 2026-06-01 10:13:14.068185 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2014-3617 |
vulnerable | 2026-06-08 05:05:41.827244 |
Details available
The forum_print_latest_discussions function in mod/forum/lib.php in Moodle through 2.4.11, 2.5.x before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2 allows remote authenticated users to bypass the individual answer-posting requirement without the mod/forum:viewqandawithoutposting capability, and discover an author's username, by leveraging the student role and visiting a Q&A forum.
Published: 2014-09-15T14:00:00.000Z
Updated: 2024-08-06T10:50:17.677Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-2571 |
vulnerable | 2026-06-08 05:05:29.217980 |
Details available
Cross-site scripting (XSS) vulnerability in the quiz_question_tostring function in mod/quiz/editlib.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote authenticated users to inject arbitrary web script or HTML via a quiz question.
Published: 2014-03-22T01:00:00.000Z
Updated: 2024-08-06T10:21:34.688Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-0218 |
vulnerable | 2026-06-08 05:05:12.240054 |
Details available
Cross-site scripting (XSS) vulnerability in the URL downloader repository in repository/url/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Published: 2014-05-27T00:00:00.000Z
Updated: 2024-08-06T09:05:39.281Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-0216 |
vulnerable | 2026-06-08 05:05:12.238071 |
Details available
The My Home implementation in the block_html_pluginfile function in blocks/html/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 does not properly restrict file access, which allows remote attackers to obtain sensitive information by visiting an HTML block.
Published: 2014-05-27T00:00:00.000Z
Updated: 2024-08-06T09:05:39.294Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-0215 |
vulnerable | 2026-06-08 05:05:12.236465 |
Details available
The blind-marking implementation in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote authenticated users to de-anonymize student identities by (1) using a screen reader or (2) reading the HTML source.
Published: 2014-05-27T00:00:00.000Z
Updated: 2024-08-06T09:05:39.276Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-0214 |
vulnerable | 2026-06-08 05:05:12.234769 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-0213 |
vulnerable | 2026-06-08 05:05:12.224797 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-0129 |
vulnerable | 2026-06-08 05:05:11.707963 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-0127 |
vulnerable | 2026-06-08 05:05:11.625224 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-0126 |
vulnerable | 2026-06-08 05:05:11.623533 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-0125 |
vulnerable | 2026-06-08 05:05:11.621959 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-0124 |
vulnerable | 2026-06-08 05:05:11.620468 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-0123 |
vulnerable | 2026-06-08 05:05:11.618898 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-0122 |
vulnerable | 2026-06-08 05:05:11.617324 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2013-7341 |
vulnerable | 2026-06-08 05:05:09.987852 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2013-3630 |
vulnerable | 2026-06-08 05:04:32.411322 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2013-2243 |
vulnerable | 2026-06-08 05:04:23.878357 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.