Show filters
7 Total Results
Displaying 1-7 of 7
Sort by:
Attacker Value
Unknown
CVE-2016-5013
Disclosure Date: January 20, 2017 (last updated November 25, 2024)
In Moodle 2.x and 3.x, text injection can occur in email headers, potentially leading to outbound spam.
0
Attacker Value
Unknown
CVE-2016-8642
Disclosure Date: January 20, 2017 (last updated November 25, 2024)
In Moodle 2.x and 3.x, the question engine allows access to files that should not be available.
0
Attacker Value
Unknown
CVE-2016-8643
Disclosure Date: January 20, 2017 (last updated November 25, 2024)
In Moodle 2.x and 3.x, non-admin site managers may accidentally edit admins via web services.
0
Attacker Value
Unknown
CVE-2016-8644
Disclosure Date: January 20, 2017 (last updated November 25, 2024)
In Moodle 2.x and 3.x, the capability to view course notes is checked in the wrong context.
0
Attacker Value
Unknown
CVE-2017-2576
Disclosure Date: January 20, 2017 (last updated November 25, 2024)
In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums.
0
Attacker Value
Unknown
CVE-2016-5014
Disclosure Date: January 20, 2017 (last updated November 25, 2024)
In Moodle 2.x and 3.x, an unenrolled user still receives event monitor notifications even though they can no longer access the course.
0
Attacker Value
Unknown
CVE-2016-7038
Disclosure Date: January 20, 2017 (last updated November 25, 2024)
In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed.
0
