| Topic: | Continuation link can sometimes link offsite |
| Severity: | Minor |
| Versions affected: | < 1.9.13, < 2.0.4, < 2.1.1 |
| Reported by: | Matt Meisberger |
| Issue no.: | MDL-27464 |
| Solution: | upgrade to latest version |
| Workaround: | apply patch |
Description:
It was possible for error message links to lead offsite
| Topic: | Theme cache folder |
| Severity: | Minor |
| Versions affected: | < 2.0.4, < 2.1.1 (1.9.x not affected) |
| Reported by: | Matthew Davidson |
| Issue no.: | MDL-28147 |
| Solution: | upgrade to 2.0.4 or 2.1.1 |
| Workaround: | apply Git patch |
Description:
When caching is incorrectly controlled by a theme, there was the potential for writing to a file system's temporary directory.
| Topic: | Cohort enrol plugin capability problems and missing cohort access control |
| Severity: | Minor |
| Versions affected: | < 2.0.4, < 2.1.1 (1.9.x not affected) |
| Reported by: | Petr Škoda |
| Issue no.: |
MDL-28432 |
| Solution: | upgrade to 2.0.4 or 2.1.1 |
| Workaround: | avoid using cohorts |
Description:
In order to securely control the creation and oversight of cohorts, additional capabilities have been introduced.
| Topic: | Ability to generate invalid records in the comments table in the database |
| Severity: | Major |
| Versions affected: | < 2.0.3 (1.9.x not affected) |
| Reported by: | Sam Hemelryk |
| Issue no.: | MDL-26854 |
| Solution: | Upgrade to 2.0.3 |
| Workaround: | None - please upgrade as soon as possible |
Description:
This is a significant bug in the comments system which allows an authenticated user to fill the comments table in the database with completely invalid records.
| Topic: | Ability to fill a database with invalid records through ratings |
| Severity: | Major |
| Versions affected: | < 2.0.3 (1.9.x not affected) |
| Reported by: | Sam Hemelryk |
| Issue no.: | MDL-26838 |
| Solution: | Upgrade to the latest version |
| Workaround: | None - please upgrade to the latest version as soon as possible |
Description:
It is possible if logged in as an authenticated user to generate invalid records within the rating table of the database, and if someone was intent on doing destruction they could write a script to spam the database.
| Topic: | Cross Site Scripting in multiple pages |
| Severity: | Major |
| Versions affected: | < 1.9.12 |
| Reported by: | Panagiotis Petasis |
| Issue no.: | MDL-26966 |
| Solution: | Upgrade to the latest version |
Description:
A vulnerability assessment done by the Acunetix Web Scanner revealed possible XSS vulnerabilities in pages of Moodle.
| Topic: | System user profile leaks email when maildisplay == 2 |
| Severity: | Major |
| Versions affected: | < 2.0.3 (1.9.x not affected) |
| Reported by: | Petr Škoda |
| Issue no.: | MDL-26621 |
| Solution: | Upgrade to 2.0.3 |
| Workaround: | Disable email display in profiles |
Description:
Email addresses of users were being displayed on the full profile page when they had indicated it should appear to course members only.
| Topic: | Quiz review page does not check and enforce separate groups mode |
| Severity: | Major |
| Versions affected: | < 1.9.12 and < 2.0.3 |
| Reported by: | Claire Browne |
| Issue no.: | MDL-25122 |
| Solution: | Upgrade to the latest version |
| Workaround: | Remove permission to view quiz reports |
Description:
When a teacher is assigned to a group they can view quiz reports for all students, not just the students in their group.
| Topic: | "Force password change" not happening |
| Severity: | Minor |
| Versions affected: | < 2.0.3 (1.9.x not affected) |
| Reported by: | Stephen Overall |
| Issue no.: | MDL-26803 |
| Solution: | Upgrade to 2.0.3 |
| Workaround: | After uploading users via CSV, force password change using bulk user actions |
Description:
This vulnerability allows new users, who were added via CSV, access without being required to change their password.
| Topic: | Multiple cross-site scripting problems in media filter |
| Severity: | Major |
| Versions affected: | <1.9.11 and <2.0.2 |
| Reported by: | Internal code review |
| Issue no.: | MDL-26030 |
| Solution: | Upgrade to latest version |
| Workaround: | Disable media filter |
Description:
Incorrect text escaping in media filter could allow authenticated users to launch cross-site scripting attacks.