{
  "schema_version": "1.7.0",
  "id": "MGASA-2014-0483",
  "published": "2014-11-22T10:54:50Z",
  "modified": "2014-11-22T10:41:05Z",
  "summary": "Updated moodle package fixes security vulnerabilities",
  "details": "In Moodle before 2.6.5, without forcing encoding, it was possible that UTF7\ncharacters could be used to force cross-site scripts to AJAX scripts\n(although this is unlikely on modern browsers and on most Moodle pages)\n(MSA-14-0035).\n\nIn Moodle before 2.6.5, there was an XSS issue through $searchcourse in\nmod/feedback/mapcourse.php, due to the last search string in the Feedback\nmodule not being escaped in the search input field (CVE-2014-7830).\n\nIn Moodle before 2.6.5, the word list for temporary password generation was\nshort, therefore the pool of possible passwords was not big enough\n(CVE-2014-7845).\n\nIn Moodle before 2.6.5, capability checks in the LTI module only checked\naccess to the course and not to the activity (CVE-2014-7832).\n\nIn Moodle before 2.6.5, group-level entries in the Database activity module\nbecame visible to users in other groups after being edited by a teacher\n(CVE-2014-7833).\n\nIn Moodle before 2.6.5, unprivileged users could access the list of\navailable tags in the system (CVE-2014-7846).\n\nIn Moodle before 2.6.5, the script used to geo-map IP addresses was\navailable to unauthenticated users, increasing server load when used by\nother parties (CVE-2014-7847).\n\nIn Moodle before 2.6.5, when using the web service function for Forum\ndiscussions, group permissions were not checked (CVE-2014-7834).\n\nIn Moodle before 2.6.5, by directly accessing an internal file, an\nunauthenticated user could be shown an error message containing the file\nsystem path of the Moodle install (CVE-2014-7848).\n\nIn Moodle before 2.6.5, if a web service with a file upload function was\navailable, a user could upload an XSS file to their profile picture area\n(CVE-2014-7835).\n\nIn Moodle before 2.6.5, two files in the LTI module lacked a session key\ncheck, potentially allowing cross-site request forgery (CVE-2014-7836).\n\nIn Moodle before 2.6.5, by tweaking URLs, users who were able to delete\npages in at least one Wiki activity in the course were able to delete pages\nin other Wiki pages in the same course (CVE-2014-7837).\n\nIn Moodle before 2.6.5, the set tracking script in the Forum module lacked a\nsession key check, potentially allowing cross-site request forgery\n(CVE-2014-7838).\n\nIn Moodle before 2.6.5, the session key check was missing on the return page\nin the LTI module, allowing an attacker to include an arbitrary message in\nthe URL query string (MSA-14-0049).\n",
  "upstream": [
    "CVE-2014-7830",
    "CVE-2014-7832",
    "CVE-2014-7833",
    "CVE-2014-7834",
    "CVE-2014-7835",
    "CVE-2014-7836",
    "CVE-2014-7837",
    "CVE-2014-7838",
    "CVE-2014-7845",
    "CVE-2014-7846",
    "CVE-2014-7847",
    "CVE-2014-7848"
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://advisories.mageia.org/MGASA-2014-0483.html"
    },
    {
      "type": "REPORT",
      "url": "https://bugs.mageia.org/show_bug.cgi?id=14538"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=275146"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=275147"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=275152"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=275154"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=275155"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=275157"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=275158"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=275159"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=275160"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=275161"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=275162"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=275163"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=275164"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=275165"
    },
    {
      "type": "WEB",
      "url": "https://docs.moodle.org/dev/Moodle_2.6.6_release_notes"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=274730"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "Mageia:3",
        "name": "moodle",
        "purl": "pkg:rpm/mageia/moodle?arch=source&distro=mageia-3"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.6.6-1.mga3"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    },
    {
      "package": {
        "ecosystem": "Mageia:4",
        "name": "moodle",
        "purl": "pkg:rpm/mageia/moodle?arch=source&distro=mageia-4"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.6.6-1.mga4"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    }
  ],
  "credits": [
    {
      "name": "Mageia",
      "type": "COORDINATOR",
      "contact": [
        "https://wiki.mageia.org/en/Packages_Security_Team"
      ]
    }
  ]
}
