Sec Feed Reader

Moodle Security Announcements

Kategorie: vendor_advisory Provider: moodle Sprache: de Zielgruppe: - Tags: cms Aktiv: Ja

Letzter Fetch	Letzter Erfolg	Aufeinanderfolgende Fehler	Letzte Fehlermeldung	ETag	Last-Modified
2026-05-14 21:58 UTC	2026-05-14 21:58 UTC	0	-	-	Thu, 14 May 2026 07:00:05 GMT

Gesamt

Critical

High

Mit CVE-Bezug

### Letzte Eintraege


MSA-26-0011: CSRF and missing capability check in admin/mnet/peers.php	2026-04-28 19:53	-	1
MSA-26-0010: Upgrade AWS SDK for PHP including security fix (upstream)	2026-04-28 19:51	-	1
MSA-26-0009: CSRF risk in reset penalty rules functionality	2026-04-28 19:06	-	1
MSA-26-0008: Upgrade PHPUnit version to avoid a security risk (upstream)	2026-04-28 19:06	-	1
MSA-26-0007: Message panel breaks with messages from deleted users (messaging DoS risk)	2026-04-28 19:05	-	1
MSA-26-0006: RCE risk via Moodle's Google Drive repository plugin	2026-04-28 19:04	-	1
MSA-26-0005: SQL injection risk in external database authentication plugin	2026-04-28 19:02	-	1
MSA-26-0004: Update Symfony process module version to avoid a security risk (upstream)	2026-02-17 10:33	-	1
MSA-26-0003: Denial of service risk in TeX formula editor	2026-02-17 10:32	-	1
MSA-26-0002: Remote code execution risk in TeX filter admin setting	2026-02-17 10:30	-	1
MSA-26-0001: Remote code execution risk via file restore	2026-02-17 10:29	-	1
MSA-25-0061: User IDs exposed in URLs when using anonymous submissions in assignment	2025-12-15 12:23	-	1
MSA-25-0060: Badges with a role criterion could be awarded to users who do not hold the role	2025-12-15 12:23	-	1
MSA-25-0059: Reflected XSS risk in policy tool	2025-12-15 12:23	-	1
MSA-25-0058: Participants can access forum ratings without permission	2025-12-15 12:22	-	1
MSA-25-0057: Password brute force risk from confirmation email web service	2025-12-15 12:22	-	1
MSA-25-0056: Open redirect in OAuth login	2025-12-15 12:21	-	1
MSA-25-0055: Formula injection risk when exporting data to CSV / Excel	2025-12-15 12:21	-	1
MSA-25-0054: XSS risk in formula editor	2025-12-15 12:20	-	1
MSA-25-0053: XSS risk via AI prompt injection	2025-12-15 12:19	-	1

Alle Quellen