Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Moodle 2.8.x < 2.8.6 Multiple Vulnerabilities

Critical

Synopsis

The remote web server is hosting a web application that is vulnerable to multiple attack vectors.

Description

The remote web server hosts Moodle, an open-source course management system. Versions of Moodle 2.8.x prior to 2.8.6 are exposed to the following vulnerabilities :

- A flaw exists in Quiz manual-grading that is due to the program failing to use the Cross-Site Scripting (XSS) mask flag 'mod/quiz:grade'. This may result in administrators being unaware that this is a trusted action that represents an XSS risk. (CVE-2015-3174) - A flaw exists in the 'get_referer()' function that is triggered when using 'redirect()', which can cause some error messages in the display button to return to the previous page. This may allow a context-dependent attacker to conduct phishing attacks. (CVE-2015-3175) - A flaw exists on sites with enabled self-registration that may allow a remote attacker to gain access to user fullname through account confirmation links. (CVE-2015-3176) - A flaw exists that is due to the program allowing users to subscribe themselves to site wide events. This may allow an authenticated remote attacker to gain access to potentially sensitive information. (CVE-2015-3177) - A flaw exists that allows a XSS attack. This flaw exists because the 'external_format_text()' function does not validate input when displaying it to other users in the external application. This may allow an authenticated remote attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between the browser and the server. (CVE-2015-3178) - A flaw exists when self-registration is enabled that may allow a user who was suspended after creating their account, but before confirming it, to login a single time after account confirmation. (CVE-2015-3179) - A flaw exists that may allow an authenticated remote attacker with suspended enrollment to gain access to the course structure in the navigation block. This may allow the attacker to gain unauthorized access to information. (CVE-2015-3180) - A flaw exists that may result in permissions not being properly removed when manageownfiles permissions are revoked from a user. This may allow an authenticated remote attacker to upload private files via Web Services. (CVE-2015-3181)

Solution

Upgrade to Moodle version 2.9 or later. If version 2.9.x cannot be obtained, version 2.8.6 is also patched for these issues.