MSA-17-0017: XSS in contact form on non-respondents page in non-anonymous feedback

by Marina Glancy.  

Form on the feedback "non-respondents" page does not escape the value of subject thus creating self-XSS. This can be used to attack another user by tricking them into opening malicious URL whilst in an open Moodle session


...
Severity/Risk:Minor
Versions affected:3.3 to 3.3.1, 3.2 to 3.2.4, 3.1 to 3.1.7 and earlier unsupported
Leer más...

MSA-17-0016: Authentication bypass vulnerability with old CAS servers

by Marina Glancy.  

Old CAS servers (3.3.5.1 or 3.4.2.1, both released Jul 21, 2010) do not escape the failure message which could be exploited with the phpCAS client library that is shipped as part of Moodle. Only fix for this issue was picked to phpCAS library in Moodle, the library will be upgraded to the latest version in the next major...

Leer más...

MSA-17-0015: Course creators are able to change system default settings for courses

by Marina Glancy.  

Insufficient permission check in "Site administration" tree allows users who have permission to access one page in the tree to change other settings.


...
Severity/Risk:Minor
Versions affected:3.3, 3.2 to 3.2.3, 3.1 to 3.1.6 and earlier unsupported versions
Versions fixed:3.3.1, 3.2.4 and 3.1.7
Reported by:Thomas Jaisson
CVE
Leer más...

MSA-17-0014: Course overview block reveals activities in hidden courses

by Marina Glancy.  

Timeline view of the new course overview block can show events for activities that user can not yet access because the course is hidden.


...
Severity/Risk:Minor
Versions affected:3.3
Versions fixed:3.3.1
Reported by:Charles Fulton
CVE identifier:CVE-2017-7531
Changes (master):http://git.moodle.org/gw?p=moodle.git&a=search&h=HE
Leer más...