Topic: | Moodle 'spell-check-logic.cgi' Insecure Temporary File Creation Vulnerability |
Severity: | Major |
Versions affected: | < 1.9.4, < 1.8.8, < 1.7.7, < 1.6.9 |
Reported by: | http://www.securityfocus.com/bid/32402 |
Issue no.: | MDL-17368 / CVE-2008-5153 |
Solution: | update to latest releases or removing directory: lib/editor/htmlarea/plugins/SpellChecker/ |
Description:
See bug for details - it is safe to delete that directory because we use different spellchecker.