
Moodle 2.7.x < 2.7.9 / 2.8.x < 2.8.7 / 2.9.x < 2.9.1 Multiple Vulnerabilities

Critical

Synopsis

The remote web server is hosting a web application that is vulnerable to multiple attack vectors.

Description

The version of Moodle, an open-source course management system, installed on the remote host is 2.7.x prior to 2.7.9, 2.8.x prior to 2.8.7, or 2.9.x prior to 2.9.1. It is therefore affected by multiple vulnerabilities:

- A flaw in the 'clean_param()' function in 'lib/moodlelib.php' that allows a cross-site redirection attack. This flaw exists because the application does not validate a certain parameter when generating error messages, which allows a context-dependent attacker to create a specially crafted link that, if followed, would redirect a victim from the intended legitimate web site to an arbitrary web site of the attacker's choosing. (CVE-2015-3272)

- A flaw in the 'mod/forum/post.php' script that is due to missing capability checks, which allows an unauthorized remote attacker to post on the forum. (CVE-2015-3273)

- A flaw that allows a stored cross-site scripting (XSS) attack. This flaw exists because the 'user_get_user_details()' function in the 'user/lib.php' script does not validate input to text profile fields before returning it to users, which allows an authenticated remote attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server. (CVE-2015-3274)

- A flaw in the 'mod/scorm/prereqs.php' and 'mod/scorm/player.php' scripts that is triggered during the handling of the 'currentorg' parameter, which allows a remote attacker to inject arbitrary JavaScript content. (CVE-2015-3275)

Solution

Upgrade to Moodle version 2.7.9, 2.8.7, or 2.9.1 or later.
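To scope this advisory against an inventory of Moodle installations, the following added Python example (not part of the advisory) parses a Moodle release string and reports whether it falls inside the affected ranges stated above; the release strings used in the comments are constructed samples.

```python
import re

# Affected branches from the advisory, mapped to the first fixed release
# on each branch: 2.7.x < 2.7.9, 2.8.x < 2.8.7, 2.9.x < 2.9.1.
FIXED_RELEASE = {
    (2, 7): (2, 7, 9),
    (2, 8): (2, 8, 7),
    (2, 9): (2, 9, 1),
}


def parse_release(release):
    """Parse a Moodle release string into a (major, minor, patch) tuple.

    Handles strings such as '2.8.6+ (Build: 20150515)' (constructed sample).
    A missing patch number, as in '2.9 (Build: ...)', is treated as patch 0.
    A trailing '+' (weekly build) is conservatively treated as the base
    release it extends, since the build may predate the fix.
    """
    match = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not match:
        raise ValueError("unrecognised Moodle release string: %r" % release)
    major, minor, patch = match.groups()
    return (int(major), int(minor), int(patch or 0))


def is_affected(release):
    """Return True if the release is in a range this advisory lists as
    affected. Branches the advisory does not mention (e.g. 2.6 or 3.0)
    return False: this is scoped to the advisory, not a general
    end-of-life check."""
    version = parse_release(release)
    fixed = FIXED_RELEASE.get(version[:2])
    if fixed is None:
        return False
    return version < fixed


def triage(releases):
    """Map each release string to its affected status for a quick report."""
    return {release: is_affected(release) for release in releases}


if __name__ == "__main__":
    # Constructed sample inventory; not real hosts.
    for release, affected in triage(["2.7.8", "2.8.7", "2.9 (Build: 20150511)"]).items():
        print("%-25s %s" % (release, "AFFECTED" if affected else "ok"))
```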