moodle -- multiple vulnerabilities

2015-09-14T00:00:00
ID C2FCBEC2-5DAA-11E5-9909-002590263BF5
Type freebsd
Reporter FreeBSD
Modified 2015-09-24T00:00:00

Description

Moodle Release Notes report:

MSA-15-0030: Students can re-attempt answering questions in the lesson (CVE-2015-5264) MSA-15-0031: Teacher in forum can still post to "all participants" and groups they are not members of (CVE-2015-5272 - 2.7.10 only) MSA-15-0032: Users can delete files uploaded by other users in wiki (CVE-2015-5265) MSA-15-0033: Meta course synchronization enrolls suspended students as managers for a short period of time (CVE-2015-5266) MSA-15-0034: Vulnerability in password recovery mechanism (CVE-2015-5267) MSA-15-0035: Rating component does not check separate groups (CVE-2015-5268) MSA-15-0036: XSS in grouping description (CVE-2015-5269)