Moodle Vulnerabilities
Moodle Moodle vulnerabilities.
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Persistent Cross-Site Scripting Vulnerability in Moodle by Moodle
CVE-2021-47857MoodleMoodle👾🟡5.1MEDIUMSession Fixation Vulnerability in Moodle by Moodle Pty Ltd
CVE-2025-53021MoodleMoodle4.2MEDIUMSQL Injection Vulnerability in Moodle Course Search Module
CVE-2025-26533Moodle ProjectMoodle9.8CRITICALData Validation Flaw in Moodle by Moodle
CVE-2025-26532Moodle ProjectMoodle4.3MEDIUMInsufficient Capability Checks in Moodle by Moodle
CVE-2025-26531Moodle ProjectMoodle5.3MEDIUMReflected XSS Vulnerability in Moodle's Question Bank Filter
CVE-2025-26530Moodle ProjectMoodle6.1MEDIUMStored XSS Vulnerability in Moodle's Administration Live Log
CVE-2025-26529Moodle ProjectMoodle📈👾🟡📰6.1MEDIUMStored XSS Vulnerability in Moodle Drag-and-Drop Image Question Type
CVE-2025-26528Moodle ProjectMoodle6.1MEDIUMMoodle Tags Exposure in Tag Search and Block Functionality
CVE-2025-26527Moodle ProjectMoodle5.3MEDIUMPermission Check Flaws in Feedback Activities of Moodle by Moodle
CVE-2025-26526Moodle ProjectMoodle6.5MEDIUMArbitrary File Read Vulnerability in TeX Notation Filter Affects Moodle Products
CVE-2025-26525Moodle ProjectMoodle8.6HIGHSeparate Unique Keys for QR Login and Auto-Login
CVE-2024-38277MoodleMoodle5.4MEDIUMMultiple CSRF Risks Due to Incorrect Token Checks
CVE-2024-38276MoodleMoodle8.8HIGHUnintentionally Sending HTTP Authorization Header Information Through Redirects
CVE-2024-38275MoodleMoodleStored XSS Risk in Event Deletion Prompt
CVE-2024-38274MoodleMoodle6.1MEDIUMUsers Granted Unauthorized Access to Join URLs Due to Insufficient Capability Checks
CVE-2024-38273MoodleMoodle5.4MEDIUMMoodle User Could Execute Local File Include Attack in Misconfigured Shared Hosting Environment
CVE-2024-34002MoodleMoodleMoodle User Could Execute Local File Include Attack in Misconfigured Shared Hosting Environment
CVE-2024-34003MoodleMoodleMoodle User with Direct Access to Web Server Can Execute Local File Include Attack
CVE-2024-34005MoodleMoodleUnauthorized Event Creation Due to Incorrect Validation
CVE-2024-33996MoodleMoodleMoodle Chat Vulnerability Allows for HTML Injection and Performance Degradation
CVE-2024-28593MoodleMoodle5.4MEDIUMReflected XSS Vulnerability in Moodle by Moodle
CVE-2023-46858MoodleMoodle5.4MEDIUMPersistent Cross-Site Scripting in Moodle by Moodle HQ
CVE-2021-27131MoodleMoodle5.4MEDIUMInsufficient Limitations in Moodle Quiz Web Services
CVE-2022-40208MoodleMoodle4.3MEDIUMSQL Injection Vulnerability in Moodle Affects Course Enrollment Fetching
CVE-2021-36392MoodleMoodle9.8CRITICAL