I am trying to perform a security review of Moodle.
I'm trying to find some documentation about how secure performing a user upload through the interface is but I am unable to find any. We currently only use a SSL on the login page.
My concerns are that the information could be intercepted whilst the upload takes place, how feasible is this?
Thanks for your help.