Security announcements

MSA-15-0034: Vulnerability in password recovery mechanism

by Marina Glancy
Description: The password recovery token can be guessed because of PHP randomisation limitations
Issue summary: Vulnerability in password recovery mechanism
Severity/Risk: Serious
Versions affected: 2.9 to 2.9.1, 2.8 to 2.8.7, 2.7 to 2.7.9 and earlier unsupported versions
Versions fixed: 2.9.2, 2.8.8 and 2.7.10
Reported by: Vincent Herbulot (@us3r777)
Issue no.: MDL-50860
CVE identifier: CVE-2015-5267
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50860

MSA-15-0033: Meta course synchronisation enrols suspended students as managers for a short period of time

by Marina Glancy
Description: On large installations, when the sync script takes a long time, suspended students may be assigned a manager role in the meta course for several minutes
Issue summary: Meta course sync enrolling suspended students as managers and causing large database growth
Severity/Risk: Minor
Versions affected: 2.9 to 2.9.1, 2.8 to 2.8.7, 2.7 to 2.7.9 and earlier unsupported versions
Versions fixed: 2.9.2, 2.8.8 and 2.7.10
Reported by: Brian Winstead
Issue no.: MDL-50744
CVE identifier: CVE-2015-5266
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50744

MSA-15-0032: Users can delete files uploaded by other users in wiki

by Marina Glancy
Description: Users can delete files uploaded by other users in wiki without the capability to manage files
Issue summary: Disable free access to the file manager in the wiki via the text editor.
Severity/Risk: Minor
Versions affected: 2.9 to 2.9.1, 2.8 to 2.8.7, 2.7 to 2.7.9 and earlier unsupported versions
Versions fixed: 2.9.2, 2.8.8 and 2.7.10
Reported by: John Provasnik
Issue no.: MDL-48371
CVE identifier: CVE-2015-5265
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48371

MSA-15-0031: Teacher in forum can still post to "all participants" and groups they are not members of

by Marina Glancy
Description: Group access is not properly checked when posting to "all participants" in forum
Issue summary: Teacher without accessallgroups can still post to "all participants" and groups they're not members of
Severity/Risk: Minor
Versions affected: 2.7 to 2.7.9 and earlier unsupported versions
Versions fixed: 2.7.10
Reported by: David Scotson
Issue no.: MDL-50576
CVE identifier: CVE-2015-5272
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50576

MSA-15-0030: Students can re-attempt answering questions in the lesson

by Marina Glancy
Description: A completed and graded lesson activity was not protected against making a new attempt to answer some questions
Issue summary: Students can re-attempt answering questions in the lesson
Severity/Risk: Minor
Versions affected: 2.9 to 2.9.1, 2.8 to 2.8.7, 2.7 to 2.7.9 and earlier unsupported versions
Versions fixed: 2.9.2, 2.8.8 and 2.7.10
Reported by: Eric Eakin
Issue no.: MDL-50516
CVE identifier: CVE-2015-5264
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50516

MSA-15-0029: JavaScript injection in SCORM module

by Marina Glancy
Description: A penetration test discovered possible JavaScript injection in the SCORM module
Issue summary: Inadequate JavaScript Handling in SCORM
Severity/Risk: Minor
Versions affected: 2.9, 2.8 to 2.8.6, 2.7 to 2.7.8 and earlier unsupported versions
Versions fixed: 2.9.1, 2.8.7 and 2.7.9
Reported by: Martin Greenaway
Issue no.: MDL-50614
CVE identifier: CVE-2015-3275
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50614

MSA-15-0028: Possible XSS through custom text profile fields in Web Services

by Marina Glancy
Description: Several web services returning user information did not clean the text in custom text profile fields
Issue summary: Custom profile fields (textarea) are not passed through external_format_text when returned by several web services
Severity/Risk: Minor
Versions affected: 2.9, 2.8 to 2.8.6, 2.7 to 2.7.8 and earlier unsupported versions
Versions fixed: 2.9.1, 2.8.7 and 2.7.9
Reported by: Marina Glancy
Issue no.: MDL-50130
CVE identifier: CVE-2015-3274
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50130

MSA-15-0027: Capability 'mod/forum:canposttomygroups' is not respected when using 'Post a copy to all groups' in forum

by Marina Glancy
Description: Capability 'mod/forum:canposttomygroups' was not respected when using 'Post a copy to all groups' in forum. Capability to post to each individual group was always required.
Issue summary: canposttomygroups capability is not checked in mod/forum/post.php
Severity/Risk: Minor
Versions affected: 2.9
Versions fixed: 2.9.1
Reported by: Juan Leyva
Issue no.: MDL-50220
CVE identifier: CVE-2015-3273
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50220

MSA-15-0026: Possible phishing when redirecting to external site using referer header

by Marina Glancy
Description: Another case where redirecting to an external site was possible in error messages. See also MSA-15-0019 (CVE-2015-3175)
Issue summary: PARAM_LOCALURL is vulnerable to open redirects
Severity/Risk: Minor
Versions affected: 2.9, 2.8 to 2.8.6, 2.7 to 2.7.8 and earlier unsupported versions
Versions fixed: 2.9.1, 2.8.7 and 2.7.9
Reported by: Totara
Issue no.: MDL-50688
CVE identifier: CVE-2015-3272
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50688

MSA-15-0025: Capability to manage own files is not respected in Web Services

by Marina Glancy
Description: Users with the revoked capability 'moodle/user:manageownfiles' are still able to upload private files using a deprecated function in Web Services
Issue summary: Users with manageownfiles disabled are able to upload private files via Web Services
Severity/Risk: Minor
Versions affected: 2.8 to 2.8.5, 2.7 to 2.7.7, 2.6 to 2.6.10 and earlier unsupported versions
Versions fixed: 2.9, 2.8.6, 2.7.8 and 2.6.11
Reported by: Juan Leyva
Issue no.: MDL-49994
CVE identifier: CVE-2015-3181
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49994