Moodle

A flaw was found in Moodle. Additional checks were required to ensure users can only delete their OAuth2-linked accounts.

A flaw was found in moodle. H5P error messages require additional sanitizing to prevent a reflected cross-site scripting (XSS) risk.

A flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them in…

A flaw was found in moodle. Matrix room membership and power levels are incorrectly applied and revoked for suspended Moodle users.

A flaw was found in moodle. The cURL wrapper in Moodle strips HTTPAUTH and USERPWD headers during emulated redirects, but retains other original requ…

A flaw was found in moodle. External API access to Quiz can override contained insufficient access control.

A flaw was found in moodle. Some hidden user profile fields are visible in gradebook reports, which could result in users without the "view hidden us…

A flaw was found in moodle. A local file may include risks when restoring block backups.

A flaw was found in Feedback. Bulk messaging in the activity's non-respondents report did not verify message recipients belonging to the set of users…

A SQL injection risk flaw was found in the XMLDB editor tool available to site administrators.