Show filters
4 Total Results
Displaying 1-4 of 4
Sort by:
Attacker Value
Unknown
CVE-2017-12156
Disclosure Date: September 18, 2017 (last updated November 26, 2024)
Moodle 3.x has XSS in the contact form on the "non-respondents" page in non-anonymous feedback.
0
Attacker Value
Unknown
CVE-2017-12157
Disclosure Date: September 18, 2017 (last updated November 26, 2024)
In Moodle 3.x, various course reports allow teachers to view details about users in the groups they can't access.
0
Attacker Value
Unknown
CVE-2017-7532
Disclosure Date: July 17, 2017 (last updated November 26, 2024)
In Moodle 3.x, course creators are able to change system default settings for courses.
0
Attacker Value
Unknown
CVE-2017-2642
Disclosure Date: July 17, 2017 (last updated November 26, 2024)
Moodle 3.x has user fullname disclosure on the user preferences page.
0
