Proactive Insights and Support For Open-Source Applications
  • Applications
  • Platform
  • Support
  • Resources
    • FAQ
    • Newsflash
    • OSSpedia
    • How-to Guides
    • Case Studies
    • Articles
  • Company
    • About Us
    • The OSS in Hossted
  • Contact
Get Started
Book a demo
  • Applications
  • Platform
  • Support
  • Resources
    • FAQ
    • Newsflash
    • OSSpedia
    • How-to Guides
    • Case Studies
    • Articles
  • Company
    • About Us
    • The OSS in Hossted
  • Contact
  • Home
  • Knowledge Base
  • Newsflash
  • Specialized Software
  • Educational

Educational

All OSSpediaArticlesHow ToNewsflashCase Studies
Don't Miss out!
Join our newsletter for exclusive updates on open source innovations.

    Selected category
    • Communication
      • Communication
    • Communication and Collaboration
      • Communication
    • Specialized Software
      • Educational
      • Graphic Design
    • Business and Enterprise Solutions
      • Productivity
      • Supply Chain Management (SCM)
      • CRM
      • E-commerce
      • CMS
      • Marketing Automation
      • ERP
    • Project and Agile Management
      • Project Management
      • IT Business Management
    • Infrastructure and Network
      • Networking
      • Storage
      • Security
    • DevOps
      • Mobile App Development
      • Backup and Recovery
      • Data Analytics
      • Web Development
      • Developer Stacks
      • Cloud Computing
      • Monitoring
      • Application Development
      • Developer Tools
    • Data Management and Analytics
      • Communication
      • Application Development
      • Analytics
      • Machine Learning
      • Database
      • Data Analytics
    27 Feb 2025 Specialized Software
    Moodle: SQL Injection Risk in Course Search Functionality

    In Moodle versions from 4.3.0-beta to 4.5.0-beta a high severity vulnerability CVE-2025-26533 was detected. This vulnerability arises from an SQL injection risk in the module list filter within the course search functionality, allowing attackers to manipulate SQL queries and potentially access sensitive data or compromise the system. To address this issue, users should upgrade Moodle to versions 4.5.2, 4.4.6, 4.3.10, or 4.1.16. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-26533.

    Read more
    Educational
    27 Feb 2025 Specialized Software
    Moodle: Insecure Direct Object Reference (IDOR) in Badge Management System

    In Moodle versions 4.5 to 4.5.1, 4.4 to 4.4.5, 4.3 to 4.3.9, 4.1 to 4.1.15 and earlier a low severity vulnerability CVE-2025-26531 was detected. This vulnerability arises from insufficient capability checks within the badge management system, allowing attackers to exploit an Insecure Direct Object Reference (IDOR) and disable arbitrary badges. To address this issue, users should upgrade Moodle to versions 4.5.2, 4.4.6, 4.3.10 or 4.1.16. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-26531.

    Read more
    Educational
    27 Feb 2025 Specialized Software
    Moodle: Bypass of Trusttext Configurations in Glossary Restoration

    In Moodle version 4.5.0 a low severity vulnerability CVE-2025-26532 was detected. This vulnerability arises from insufficient checks in the glossary restoration process, allowing teachers to bypass trusttext configurations when restoring glossary entries. To address this issue, users should upgrade Moodle to version 4.5.2 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-26532.

    Read more
    Educational
    26 Feb 2025 Specialized Software
    Moodle: Vulnerability in Feedback Module Response Viewing and Deletion

    In Moodle versions up to 4.5.2 a medium severity vulnerability CVE-2025-26526 was detected. This vulnerability compromises the integrity of response viewing and deletion in Separate Groups mode within the platform’s feedback module. To address this issue, users should upgrade Moodle to versions 4.5.2 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-26526.

    Read more
    Educational
    26 Feb 2025 Specialized Software
    Moodle: Unauthorized Access to Non-Searchable Tags

    In Moodle versions up to 4.5.2 a medium severity vulnerability CVE-2025-26527 was detected. This vulnerability arises from the improper handling of non-searchable tags, allowing users who should not have access to certain tags to still discover them through the tag search page or the tags block. To address this issue, users should upgrade Moodle to versions 4.5.2 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-26527.

    Read more
    Educational
    26 Feb 2025 Specialized Software
    Moodle: Stored Cross-Site Scripting (XSS) in ddimageortext Question Type

    In Moodle versions up to 4.5.2 a low severity vulnerability CVE-2025-26528 was detected. This vulnerability stems from insufficient input sanitization in the ddimageortext question type, allowing attackers to inject malicious scripts that are executed when other users access the affected content. To address this issue, users should upgrade Moodle to versions 4.5.2 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-26528.

    Read more
    Educational
    26 Feb 2025 Specialized Software
    Moodle: Stored Cross-Site Scripting (XSS) in Site Administration Live Log

    In Moodle versions up to 4.1.15, 4.3.9, 4.4.5 and 4.5.1 a high severity vulnerability CVE-2025-26529 was detected. This vulnerability arises from insufficient sanitization of input in the Site Administration Live Log, leading to a stored Cross-Site Scripting (XSS) risk. To address this issue, users should upgrade Moodle to versions 4.1.16, 4.3.10, 4.4.6 or 4.5.2. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-26529.

    Read more
    Educational
    26 Feb 2025 Specialized Software
    Moodle: Reflected Cross-Site Scripting (XSS) in Question Bank Filter

    In Moodle versions up to 4.5.1 a high severity vulnerability CVE-2025-26530 was detected. This vulnerability results from insufficient sanitization in the question bank filter, allowing attackers to craft malicious URLs that execute arbitrary JavaScript in the victim’s browser. To address this issue, users should upgrade Moodle to versions 4.5.2, 4.4.6 or 4.3.10. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-26530.

    Read more
    Educational
    25 Feb 2025 Specialized Software
    Moodle: Arbitrary File Read Vulnerability

    In Moodle versions prior to 4.5.2, 4.4.6, 4.3.10, and 4.1.16 a high severity vulnerability CVE-2025-26525 was detected. This vulnerability allows attackers to exploit insufficient sanitization in the TeX notation filter when pdfTeX is available, leading to arbitrary file read risks on Moodle installations using TeX Live. To address this issue, users should upgrade Moodle to versions 4.5.2, 4.4.6, 4.3.10 or 4.1.16. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-26525.

    Read more
    Educational
    Proactive Insights and Support For Open-Source Applications
    Contact us: Whatsapp
    Company
    • About Hossted
    • Data Processing Addendum
    Solutions
    • Applications
    • Support Plans
    • About Solution
    Resources
    • FAQ
    • Knowledge Base
    © HOSSTED 2025 All rights reserved
    • Privacy Policy
    • Terms and Conditions
    • Cookies Policy