Moodle Multiple Vulnerabilities Fixed by 3.0.2, 2.9.4, 2.8.10 and 2.7.12


Description   Two vulnerabilities have been identified in Moodle:
- CVE-2016-0724: security bypass. An authenticated remote attacker could exploit it to access hidden courses. This vulnerability is due to missing permission checks in the "core_enrol_get_course_enrolment_methods" and "enrol_self_get_instance_info" web services.
- CVE-2016-0725: cross-site scripting in the course management search. A remote attacker can exploit it to execute arbitrary JavaScript or HTML code by enticing their victim into following a specially formed link.

The moodle packages provided by Debian Squeeze 6 are vulnerable.

Updated, 21/03/2016:
Additional vulnerabilities, fixed by the same versions of Moodle, have been added:
- CVE-2016-2151: incorrect capability check when displaying users' emails in Participants list
- CVE-2016-2152: cross-site scripting from profile fields from external db
- CVE-2016-2153: cross-site scripting in mod_data advanced search
- CVE-2016-2154: security bypass allowing hidden courses to be shown in Event Monitor
- CVE-2016-2155: incorrect capability check in Single View grade allowing privilege escalation
- CVE-2016-2156: security bypass allowing hidden calendar events to be viewed
- CVE-2016-2157: cross-site request forgery in Assignment plugin management page
- CVE-2016-2158: security bypass allowing enumeration of category details without authentication
- CVE-2016-2159: information disclosure in referrer to links with "_blank" target
- CVE-2016-2190: improper date checking in external function "mod_assign_save_submission".

Updated, 22/03/2016:
Contrary to the statement above, the additional vulnerabilities were not fixed by the same versions of Moodle, but by versions 3.0.3, 2.9.5, 2.8.11 and 2.7.13.

To provide clearer information, bulletin 26154 has been published.
     
Vulnerable Products   Vulnerable OS:
Fedora (Red Hat) - 22, 23
FreeBSD (FreeBSD) - All
GNU/Linux (Debian) - 6
     
Solution   Fixed moodle28, moodle29 and moodle30 packages for FreeBSD are available.
     
CVE   CVE-2016-0725
CVE-2016-0724
     
References   - MSA-16-0001: Two enrolment-related web services don't check course visibility
https://moodle.org/security/
- MSA-16-0002: XSS Vulnerability in course management search
https://moodle.org/security/
- Debian Security Tracker : moodle
https://security-tracker.debian.org/tracker/CVE-2016-0724
https://security-tracker.debian.org/tracker/CVE-2016-0725
- FEDORA-2016-1c10ab3c35 : Fedora 23 Update: moodle-2.9.4-1.fc23
https://lists.fedoraproject.org/pipermail/package-announce/2016-January/176436.html
- FEDORA-2016-fb2597f4eb : Fedora 22 Update: moodle-2.8.10-1.fc22
https://lists.fedoraproject.org/pipermail/package-announce/2016-February/176502.html
- VuXML : moodle -- multiple vulnerabilities
http://www.vuxml.org/freebsd/2d299950-ddb0-11e5-8fa8-14dae9d210b8.html
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm | Available Since
XSS - Prevention - POST : suspicious 'meta' tag found in data | 3.2.0
XSS - Prevention - POST : suspicious 'img' attribute found in data | 3.2.0
XSS - Prevention - POST : suspicious 'style' tag found in data | 5.0.0
XSS - Prevention - POST : javascript code found in data | 5.0.0
XSS - Prevention - POST : suspicious tag with event found in data | 5.0.0
XSS - Prevention - POST : suspicious 'embed' tag found in data | 5.0.0
XSS - Prevention - POST : 'location' javascript object found in data | 5.0.0
XSS - Prevention - POST : code allowing cookie access found in data | 5.0.0
XSS - Prevention - POST : 'script' tag found in data | 5.0.0
XSS - Prevention - POST : suspicious 'style' attribute found in data | 5.0.0
XSS - Prevention - POST : suspicious 'applet' tag found in data | 5.0.0
XSS - Prevention - POST : suspicious 'div' tag found in data | 5.0.0
XSS - Prevention - POST : suspicious 'img' attribute found in data | 5.0.0
XSS - Prevention - POST : suspicious 'meta' tag found in data | 5.0.0
XSS - Prevention - POST : suspicious 'object' tag found in data | 5.0.0
XSS - Prevention - POST : suspicious 'iframe' tag found in data | 5.0.0
     


 
 
 
 
Risk level: Moderate
Vulnerability First Public Report Date: 2016-01-18
Target Type: Server
Possible exploit: Remote