Moodle.org: MSA-08-0003: Insufficient access control in Login as feature

Forums
Documentation
Downloads
Demo
Tracker
Development
Translation
Search

Search
Moodle Sites

Moodle.org

MSA-08-0003: Insufficient access control in Login as feature

◄ MSA-08-0004: XSS in install.php before installation
MSA-08-0001: Access elevation in user edit form ►

Topic:	Insufficient access control in Login as feature
Severity:	Critical
Versions affected:	1.8-1.8.3
Reported by:	Johannes Kuhn
Issue no.:	MDL-12911
Solution:	upgrade to 1.8.4
Patch:	MOODLE_18_STABLE http://cvs.moodle.org/moodle/course/loginas.php?r1=1.44.2.1&r2=1.44.2.2

Description:

Critical security problem was discovered in course/loginas.php script. Please make a full update or at least replace this file with latest version from 1.8.4.

◄ MSA-08-0004: XSS in install.php before installation
MSA-08-0001: Access elevation in user edit form ►

Security announcements

MSA-08-0003: Insufficient access control in Login as feature

MSA-08-0003: Insufficient access control in Login as feature

Empowering educators to improve our world

Moodle

Support

Get Involved

Contributions

Downloads

Tracker

Development

Empowering educators to improve our world