2 matches found
openSUSE Security Update : moodle (openSUSE-SU-2010:0212-1)
Moodle version 1.9.8 fixes several security issues including cross-site-scripting XSS and SQL injection bugs CVE-2010-1613, CVE-2010-1614, CVE-2010-1615, CVE-2010-1616, CVE-2010-1617 CVE-2010-1618, CVE-2010-1619. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...
CVE-2010-1616
CVE-2010-1616 affects Moodle 1.8.x and 1.9.x up to 1.9.7/1.9.8, where restoring a course can create new roles, enabling teachers to create new accounts without moodle/user:create capability. Root cause: role creation during course restore. Impact: potential unauthorized account creation by teache...