CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2021-27131
https://notcve.org/view.php?id=CVE-2021-27131
Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to the improper input sanitization on the "Additional HTML Section" via "Header and Footer" parameter in /admin/settings.php. This vulnerability is leading an attacker to steal admin and all user account cookies by storing the malicious XSS payload in Header and Footer. NOTE: this is disputed by the vendor because the "Additional HTML Section" for "Header and Footer" can only be supplied by an administrator, who is intentionally allowed to enter unsanitized input (e.g., site-specific JavaScript). • https://docs.moodle.org/402/en/Risks https://github.com/moodle/moodle https://github.com/p4nk4jv/CVEs-Assigned/blob/master/Moodle-3.10.1-CVE-2021-27131.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 1%CPEs: 5EXPL: 3CVE-2023-30943 – Moodle: tinymce loaders susceptible to arbitrary folder creation
https://notcve.org/view.php?id=CVE-2023-30943
The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system. • https://github.com/d0rb/CVE-2023-30943 https://github.com/Chocapikk/CVE-2023-30943 https://github.com/RubyCat1337/CVE-2023-30943 http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77718 https://bugzilla.redhat.com/show_bug.cgi?id=2188605 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/54TM5H5PDUDYXOQ7X7PPYWP4AJDAE73I https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZBWRVUJF7HI53XCJPJ3YJZPOV5HBRUY htt • CWE-73: External Control of File Name or Path CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 7.3EPSS: 0%CPEs: 8EXPL: 0CVE-2023-30944 – Moodle: minor sql injection risk in external wiki method for listing pages
https://notcve.org/view.php?id=CVE-2023-30944
The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database. • http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77187 https://bugzilla.redhat.com/show_bug.cgi?id=2188606 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/54TM5H5PDUDYXOQ7X7PPYWP4AJDAE73I https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZBWRVUJF7HI53XCJPJ3YJZPOV5HBRUY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBFSXRYLT4ICKJVQSRBAOUDMDRVSVBLS https://moodle.org/mod/foru • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2022-40208
https://notcve.org/view.php?id=CVE-2022-40208
In Moodle, insufficient limitations in some quiz web services made it possible for students to bypass sequential navigation during a quiz attempt. • https://moodle.org/mod/forum/discuss.php?d=438761 • CWE-285: Improper Authorization •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-28330 – Moodle: authenticated arbitrary file read through malformed backup file
https://notcve.org/view.php?id=CVE-2023-28330
Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and admins by default. • https://bugzilla.redhat.com/show_bug.cgi?id=2179412 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF https://moodle.org/mod/forum/discuss.php?d=445062 • CWE-20: Improper Input Validation •