FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

moodle -- multiple vulnerabilities

Affected packages
moodle31 < 3.1.14
moodle33 < 3.3.8
moodle34 < 3.4.5
moodle35 < 3.5.2

Details

VuXML ID 074cb225-bb2d-11e8-90e1-fcaa147e860e
Discovery 2018-09-05
Entry 2018-09-18

moodle reports:

Moodle XML import of ddwtos could lead to intentional remote code execution

QuickForm library remote code vulnerability (upstream)

Boost theme - blog search GET parameter insufficiently filtered

[source]

References

CVE Name CVE-2018-14630
CVE Name CVE-2018-14631
CVE Name CVE-2018-1999022
URL https://moodle.org/mod/forum/discuss.php?d=376023

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.