FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

moodle -- multiple vulnerabilities

Affected packages
moodle27 < 2.7.11
moodle28 < 2.8.9
moodle29 < 2.9.3

Details

VuXML ID 82b3ca2a-8c07-11e5-bd18-002590263bf5
Discovery 2015-11-09
Entry 2015-11-16
Modified 2015-12-21

Moodle Release Notes report:

MSA-15-0037 Possible to send a message to a user who blocked messages from non contacts

MSA-15-0038 DDoS possibility in Atto

MSA-15-0039 CSRF in site registration form

MSA-15-0040 Student XSS in survey

MSA-15-0041 XSS in flash video player

MSA-15-0042 CSRF in lesson login form

MSA-15-0043 Web service core_enrol_get_enrolled_users does not respect course group mode

MSA-15-0044 Capability to view available badges is not respected

MSA-15-0045 SCORM module allows to bypass access restrictions based on date

MSA-15-0046 Choice module closing date can be bypassed

References

URL https://docs.moodle.org/dev/Moodle_2.7.11_release_notes
URL https://docs.moodle.org/dev/Moodle_2.8.9_release_notes
URL https://docs.moodle.org/dev/Moodle_2.9.3_release_notes