Security announcements

MSA-16-0001: Two enrolment-related web services don't check course visibility