Search CVE reports
31 – 40 of 35883 results
Not in release
A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting (XSS) vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing...
1 affected package
moodle
| Package | 22.04 LTS |
|---|---|
| moodle | Not in release |
Not in release
A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating...
1 affected package
moodle
| Package | 22.04 LTS |
|---|---|
| moodle | Not in release |
Not in release
A flaw was found in Moodle. An open redirect vulnerability in the OAuth login flow allows a remote attacker to redirect users to attacker-controlled pages after they have successfully authenticated. This occurs due to insufficient...
1 affected package
moodle
| Package | 22.04 LTS |
|---|---|
| moodle | Not in release |
Not in release
A flaw was found in moodle. This formula injection vulnerability occurs when data fields are exported without proper escaping. A remote attacker could exploit this by providing malicious data that, when exported and opened in a...
1 affected package
moodle
| Package | 22.04 LTS |
|---|---|
| moodle | Not in release |
Not in release
A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting (XSS), occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject...
1 affected package
moodle
| Package | 22.04 LTS |
|---|---|
| moodle | Not in release |
Not in release
A flaw was found in Moodle. This cross-site scripting (XSS) vulnerability, caused by improper sanitization of AI prompt responses, allows attackers to inject malicious HTML or script into web pages. When other users view...
1 affected package
moodle
| Package | 22.04 LTS |
|---|---|
| moodle | Not in release |
Not in release
A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability (LTI) Provider. The issue arises from the LTI authentication handlers failing...
1 affected package
moodle
| Package | 22.04 LTS |
|---|---|
| moodle | Not in release |
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiFormatXml.Php. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1.
1 affected package
mediawiki
| Package | 22.04 LTS |
|---|---|
| mediawiki | Needs evaluation |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program...
1 affected package
mediawiki
| Package | 22.04 LTS |
|---|---|
| mediawiki | Needs evaluation |
Vulnerability in Wikimedia Foundation Scribunto, Wikimedia Foundation luasandbox. This vulnerability is associated with program files includes/Engines/LuaCommon/lualib/mwInit.Lua, library.C. This issue affects Scribunto: from *...
1 affected package
mediawiki
| Package | 22.04 LTS |
|---|---|
| mediawiki | Needs evaluation |