PT-2025-27373 · Undefined · Undefined

🚨 Fedora 41 just dropped a critical Moodle security update! ✅ Fixes SSRF, IDOR, and password caching flaws CVE-2025-49513 to CVE-2025-49518. Read more: 👉 https://t.co/Nl2zuUwoVS LinuxSecurity EdTech https://t.co/CACOiVyRhw...

PT-2025-27374 · Undefined · Undefined

🚨 Fedora 41 just dropped a critical Moodle security update! ✅ Fixes SSRF, IDOR, and password caching flaws CVE-2025-49513 to CVE-2025-49518. Read more: 👉 https://t.co/Nl2zuUwoVS LinuxSecurity EdTech https://t.co/CACOiVyRhw...

MGASA-2015-0110 Updated moodle packages fix security vulnerabilities

Updated moodle package fixes security vulnerabilities: In Moodle before 2.6.9, by modifying URL a logged in user can view the list of another user's contacts, number of unread messages and list of their courses CVE-2015-2266. In Moodle before 2.6.9, authentication in mdeploy can be bypassed. It i...

MGASA-2015-0032 Updated moodle package fixes security vulnerabilities

Updated moodle package fixes security vulnerabilities: In Moodle before 2.6.7, absence of a capability check in AJAX backend script in the LTI module could allow any enrolled user to search the list of registered tools CVE-2015-0211. In Moodle before 2.6.7, the course summary on course request...

MGASA-2014-0160 Updated moodle packages fix multiple security vulnerabilities

Updated moodle package fixes security vulnerabilities: In Moodle before 2.4.9, question strings were not being filtered correctly possibly allowing cross site scripting, as quizquestiontostring can cause invalid HTML CVE-2014-2571. Feedback Availability dates not honored in complete.php in Moodle...

MGASA-2013-0217 Updated moodle package fixes multiple security vulnerabilities

Flash files distributed with the YUI library in Moodle before 2.4.5 may have allowed for cross-site scripting attacks MSA-13-0025. Privacy settings for the IMS-LTI External tool module in Moodle before 2.4.5 were not able to be changed so personal information was always transferred MSA-13-0026...