Advisories ยป MGASA-2014-0379

Updated moodle packages fix security vulnerbilities

Publication date: 15 Sep 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-3617

Description

Updated moodle packages fix security vulnerabilities:

In Moodle before 2.6.5, users who had not yet posted the required answer in
a Q&A forum in order to access past posts were able to see the name of the
last person who had posted, as other authors are visible in
/mod/forum/view.php before the student has posted their own answer
(CVE-2014-3617).
                

References

SRPMS

4/core

3/core