Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

11 – 20 of 583 results


CVE-2024-34006

Medium priority
Needs evaluation

The site log report required additional encoding of event descriptions to ensure any HTML in the content is displayed in plaintext instead of being rendered.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2024-34005

Medium priority
Needs evaluation

In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore database activity modules and direct access to the web server outside of the...

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2024-34004

Medium priority
Needs evaluation

In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore wiki modules and direct access to the web server outside of the Moodle webroot could...

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2024-34003

Medium priority
Needs evaluation

In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore workshop modules and direct access to the web server outside of the Moodle...

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2024-34002

Medium priority
Needs evaluation

In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore feedback modules and direct access to the web server outside of the Moodle...

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2024-34001

Medium priority
Needs evaluation

Actions in the admin preset tool did not include the necessary token to prevent a CSRF risk.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2024-34000

Medium priority
Needs evaluation

ID numbers displayed in the lesson overview report required additional sanitizing to prevent a stored XSS risk.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2024-33999

Medium priority
Needs evaluation

The referrer URL used by MFA required additional sanitizing, rather than being used directly.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2024-33998

Medium priority
Needs evaluation

Insufficient escaping of participants' names in the participants page table resulted in a stored XSS risk when interacting with some features.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2024-33997

Medium priority
Needs evaluation

Additional sanitizing was required when opening the equation editor to prevent a stored XSS risk when editing another user's equation.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages