Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Educational

Moodle

Moodle is a Course Management System (CMS) also known as a Learning Management System (LMS) or a Virtual Learning Environment (VLE). It is a Free web application that educators can use to create effective online learning sites.

Official Site:

https://moodle.org/?lang=eng

Severity Summary:

Critical: 27 High: 95 Medium: 464 Low: 37
Reference
Title
Severity
CVE-2024-38274
Moodle Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-27131
Moodle Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-30943
Moodle Externally Controlled Reference to a Resource in Another Sphere Vulnerability
Medium
CVE-2024-25979
Moodle Vulnerability
Medium
CVE-2024-25981
Moodle Vulnerability
Medium
CVE-2023-28334
Moodle Authorization Bypass Through User-Controlled Key Vulnerability
Medium
CVE-2025-26531
Moodle Incorrect Authorization Vulnerability
Medium
CVE-2025-3628
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2025-3627
Moodle Improper Authentication Vulnerability
Medium
CVE-2025-3640
Moodle Authorization Bypass Through User-Controlled Key Vulnerability
Medium
CVE-2025-32045
Moodle Missing Authorization Vulnerability
Medium
CVE-2025-3643
Moodle Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2025-3644
Moodle Incorrect Authorization Vulnerability
Medium
CVE-2025-3645
Moodle Incorrect Authorization Vulnerability
Medium
CVE-2025-3647
Moodle Incorrect Authorization Vulnerability
Medium
CVE-2025-53021
Moodle Session Fixation Vulnerability
Medium
CVE-2025-26532
Moodle Incorrect Authorization Vulnerability
Medium
CVE-2025-26530
Moodle Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-43437
Moodle Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2025-26529
Moodle Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2025-26528
Moodle Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2025-26527
Moodle Exposure of Sensitive Information Through Metadata Vulnerability
Medium
CVE-2024-43429
Moodle Cleartext Storage of Sensitive Information Vulnerability
Medium
CVE-2024-43430
Moodle Incorrect Default Permissions Vulnerability
Medium
CVE-2024-43432
Moodle Cleartext Transmission of Sensitive Information Vulnerability
Medium
CVE-2025-26526
Moodle Incorrect Authorization Vulnerability
Medium
CVE-2024-48900
Moodle Vulnerability
Medium
CVE-2024-43433
Moodle Incorrect Authorization Vulnerability
Medium
CVE-2024-43435
Moodle Improper Check for Unusual or Exceptional Conditions Vulnerability
Medium
CVE-2024-43439
Moodle Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium