| Topic: | Chat disclosed full names of all system users including deleted users |
| Severity: | Serious |
| Versions affected: | < 2.1.2, < 2.0.5 (1.9.x not affected) |
| Reported by: | Petr Škoda |
| Issue no.: | MDL-27219 |
| Solution: | upgrade to latest version |
| Changes (master): | http://git.moodle.org/gw?p=moodle.git;a=commit;h=d0157d827bc254ba386a5e5b41b13be2698ee76e |
| Workaround: | Do not use Chat |
Description:
Chat users could probe users' names by 'beep'ing their user ID.
| Topic: | Column registration_hubs.secret gets different default value for upgrade versus install |
| Severity: | Serious |
| Versions affected: | < 2.1.2, < 2.0.5 (1.9.x not affected) |
| Reported by: | Colin Campbell |
| Issue no.: | MDL-27635 |
| Solution: | upgrade to latest version |
| Changes (master): | http://git.moodle.org/gw?p=moodle.git;a=commit;h=ca896fdfcfcc87846fa91a297d0aa6999a68c48a |
| Workaround: | Do not use community hubs |
Description:
On installation a sites secret value for hubs was not being set.
| Topic: | Incorrect handling of openssl_verify() return code |
| Severity: | Serious |
| Versions affected: | < 2.1.2, < 2.0.5, < 1.9.14 |
| Reported by: | David Mudrak |
| Issue no.: | MDL-29148 |
| Solution: | upgrade to latest version |
| Changes (master): | http://git.moodle.org/gw?p=moodle.git;a=commit;h=54941685e3e86ec085641dcb7ebb1f96f06735b2 |
| Workaround: | Disable MNET |
Description:
Moodle was not handling these SSL return codes correctly and was vulnerable to remote attacks bypassing validation.
| Topic: | $mform->setConstant() does not work as expected |
| Severity: | Serious |
| Versions affected: | < 2.1.2, < 2.0.5, < 1.9.14 |
| Reported by: | David Mudrak |
| Issue no.: | MDL-23872 |
| Solution: | upgrade to latest version |
| Changes (master): | http://git.moodle.org/gw?p=moodle.git;a=commit;h=f1f70bd4dde6cd1ea4bdb8ab28fa3d36a53b89d8 |
Description:
Form values that are set as constants were able to be altered by users when the form was submitted
| Topic: | Box.net repository has security flaws |
| Severity: | Serious |
| Versions affected: | < 2.1.2, < 2.0.5 (1.9.x not affected) |
| Reported by: | Alex Willen |
| Issue no.: | MDL-27289 |
| Solution: | upgrade to latest version |
| Changes (master): | http://git.moodle.org/gw?p=moodle.git;a=commit;h=3deff6c9d2bb4ab3144b3ca7b93d6a2ef6a87af2 |
| Workaround: | Disable the Box.net repository |
Description:
The Box.net plugin was created before Box.net released an OAuth-like authentication, which requires a user to enter their username and password in moodle site.
| Topic: | Server files shows all categories and courses even if a user don't have access to them |
| Severity: | Minor |
| Versions affected: | < 2.1.2, < 2.0.5 (1.9.x not affected) |
| Reported by: | Ralf Hilgenstock |
| Issue no.: | MDL-27586 |
| Solution: | upgrade to latest version |
| Changes (master): | http://git.moodle.org/gw?p=moodle.git;a=commit;h=f6b07c4da54a9db24723beb147e8a19a3d487e00 |
Description:
In server files, the category and course areas were being shown to users who do not have permission to access them.
| Topic: | XSS in Wiki comments |
| Severity: | Serious |
| Versions affected: | < 2.1.2, < 2.0.5 (1.9.x not affected) |
| Reported by: | Petr Škoda |
| Issue no.: | MDL-28726 |
| Solution: | upgrade to latest version |
| Changes (master): | http://git.moodle.org/gw?p=moodle.git;a=commit;h=a459fd90625ae44d7b3ac10b65da2dc631a418e7 |
Description:
The result of wiki parsers was not cleaned, which could be discovered and exploited especially when combined with CSRF.
| Topic: | CSRF in several places |
| Severity: | Serious |
| Versions affected: | < 2.1.2, < 2.0.5 (1.9.x not affected) |
| Reported by: | Petr Škoda |
| Issue no.: | MDL-28724 |
| Solution: | upgrade to latest version |
| Changes (master): | http://git.moodle.org/gw?p=moodle.git;a=commit;h=48346fb11f8ced06a05c0618b02a3a925b34ec59 |
Description:
This vulnerability allowed cross site reference forgery within links in the Wiki.
| Topic: | Flat file enrollments has various sql injection vulnerabilities |
| Severity: | Serious |
| Versions affected: | < 1.9.13 (2.x not affected) |
| Reported by: | Matt Meisberger |
| Issue no.: | MDL-28360 |
| Solution: | upgrade to 1.9.13 |
| Workaround: | escape quotes in user upload CSV files |
Description:
When uploading a CSV files with fields containing quotes, this could throw off SQL processing. This is only exploitable by admins, but could accidentally lead to DB corruption.
| Topic: | SQL injection vulnerability in user upload |
| Severity: | Serious |
| Versions affected: | < 1.9.13 (2.x not affected) |
| Reported by: | Matt Meisberger |
| Issue no.: | MDL-28197 |
| Solution: | upgrade to 1.9.13 |
| Workaround: | escape quotes in user upload CSV files |
Description:
When uploading a CSV file with group names that contain quotes, this could throw off SQL processing. This is only exploitable by admins, but could accidentally lead to DB corruption.