FreeBSD : moodle -- multiple vulnerabilities (8656cf5f-4170-11e6-8dfe-002590263bf5)
Medium Nessus Plugin ID 91930
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionMarina Glancy reports :
- MSA-16-0013: Users are able to change profile fields that were locked by the administrator.
- MSA-16-0015: Information disclosure of hidden forum names and sub-names.
- MSA-16-0016: User can view badges of other users without proper permissions.
- MSA-16-0017: Course idnumber not protected from teacher restore.
- MSA-16-0018: CSRF in script marking forum posts as read.
SolutionUpdate the affected packages.