Moodle — Vulnerabilities & Security Advisories 148

This page details known vulnerabilities associated with the Moodle learning management system, focusing on common weakness categories such as SQL injection and cross-site scripting. It aggregates security data to provide a comprehensive view of the risks present in this widely used educational software platform. The content collected here encompasses a broad spectrum of critical, high, and medium-severity issues that have affected Moodle since its public release and continued through recent major versions. This historical perspective allows stakeholders to observe trends in software security over time, noting how fixes are implemented and whether recurring architectural flaws persist across different releases. By compiling data from vendor advisories, community reports, and independent security research, this resource serves as a centralized reference for understanding the evolving threat landscape. Visitors can utilize this page to track the progression of vendor advisories and see how the Moodle project responds to discovered flaws. Users can also gain a deeper understanding of specific weakness classes by examining real-world examples within the product’s codebase and configuration. Furthermore, developers and administrators can look up a product's vulnerability history to assess past exposure and improve their current security posture. This information is essential for those responsible for maintaining the integrity and safety of their online learning environments, enabling them to make informed decisions about upgrades, patches, and mitigation strategies without relying on fragmented sources.