moodle vulnerabilities

Known vulnerabilities in the moodle package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Arbitrary Code Injection	*
M Improper Validation of Integrity Check Value	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Resource Exhaustion	*
M Arbitrary Code Injection	*
M Open Redirect	*
M Improper Input Validation	*
M Cross-site Request Forgery (CSRF)	*
M Missing Authorization	*
M CVE-2019-10189	*
M CVE-2019-10188	*
M Improper Input Validation	*
M CVE-2019-3852	*
M Open Redirect	*
M Information Exposure	*
M Cross-site Scripting (XSS)	*
M Improper Privilege Management	*
M Information Exposure	*
M Information Exposure	*
M Improper Privilege Management	*
L Cross-site Request Forgery (CSRF)	*
M Exposure of Resource to Wrong Sphere	*
L Information Exposure	*
L Information Exposure	*
L Weak Password Recovery Mechanism for Forgotten Password	*
L Improper Input Validation	*
L Cross-site Scripting (XSS)	*
M Improper Access Control	*
M Improper Access Control	*
M Access Restriction Bypass	*
M Arbitrary Code Injection	*
L Information Exposure	*
L Cross-site Request Forgery (CSRF)	<3.0.3+dfsg-0ubuntu1
L Information Exposure	<3.0.3+dfsg-0ubuntu1
L Access Restriction Bypass	<3.0.3+dfsg-0ubuntu1
L Information Exposure	<3.0.3+dfsg-0ubuntu1
L Information Exposure	<3.0.3+dfsg-0ubuntu1
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Arbitrary Code Injection	*
L Access Restriction Bypass	*
L Access Restriction Bypass	*
M Improper Input Validation	*
M Access Restriction Bypass	*
M Access Restriction Bypass	*
L Information Exposure	*
M Access Restriction Bypass	*
M Cross-site Scripting (XSS)	*
M Access Restriction Bypass	*
M Information Exposure	*
L Information Exposure	*
M Arbitrary Code Injection	*
L Information Exposure	*

Vulnerability

Vulnerable Version

Arbitrary Code Injection