4 matches found
Mageia: Security Advisory (MGASA-2014-0483)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-7834
mod/forum/externallib.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not verify group permissions, which allows remote authenticated users to access a forum via the forumgetdiscussions web service...
CVE-2014-7834
CVE-2014-7834 – Moodle : Affected: Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3. Component: mod/forum/externallib.php. Issue: does not verify group permissions when using the forum_get_discussions web service. Root cause: missing verification of group permissions in the forum web service call...
Updated moodle package fixes security vulnerabilities
In Moodle before 2.6.5, without forcing encoding, it was possible that UTF7 characters could be used to force cross-site scripts to AJAX scripts although this is unlikely on modern browsers and on most Moodle pages MSA-14-0035. In Moodle before 2.6.5, an XSS issue through $searchcourse in...