MSAMP

Yet Another Sandbox!  Was a 3.10.highest ... git upgraded to a 4.1.9.   Primarily for Samples


Security announcements

  • MSA-25-0028: IDOR when accessing the cohorts report
    Sun, 20 Apr 2025, 09:50 AM
    by Michael Hawkins.  

    Additional checks were required to ensure users can only fetch cohort data they are intended to have access to.

    Severity/Risk: Minor
    Versions affected: 4.5 to 4.5.3, 4.4 to 4.4.7, 4.3 to 4.3.11, 4.1 to 4.1.17 and earlier unsupported versions
    Versions fixed: 4.5.4, 4.4.8, 4.3.12 and 4.1.18
    Reported by: Paul Holden
    CVE identifier: CVE-2025-3647
    Changes (main): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84865
    Tracker issue: MDL-84865 IDOR when accessing the cohorts report
  • MSA-25-0027: IDOR in messaging web service allows access to some user details
    Sun, 20 Apr 2025, 09:48 AM
    by Michael Hawkins.  

    Insufficient capability checks in a messaging web service made it possible to view other users' names and online status.

    Severity/Risk: Minor
    Versions affected: 4.5 to 4.5.3, 4.4 to 4.4.7, 4.3 to 4.3.11, 4.1 to 4.1.17 and earlier unsupported versions
    Versions fixed: 4.5.4, 4.4.8, 4.3.12 and 4.1.18
    Reported by: ostapbender
    CVE identifier: CVE-2025-3645
    Changes (main): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72704
    Tracker issue: MDL-72704 IDOR in messaging web service allows access to some user details
  • MSA-25-0026: AJAX section delete does not respect course_can_delete_section()
    Sun, 20 Apr 2025, 09:47 AM
    by Michael Hawkins.  

    Additional checks were required to prevent users deleting course sections they did not have permission to modify.

    Severity/Risk: Minor
    Versions affected: 4.5 to 4.5.3, 4.4 to 4.4.7, 4.3 to 4.3.11, 4.1 to 4.1.17 and earlier unsupported versions
    Versions fixed: 4.5.4, 4.4.8, 4.3.12 and 4.1.18
    Reported by: James E. Calder
    CVE identifier: CVE-2025-3644
    Changes (main): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-83994
    Tracker issue: MDL-83994 AJAX section delete does not respect course_can_delete_section()
  • MSA-25-0025: Reflected XSS risk in policy tool
    Sun, 20 Apr 2025, 09:45 AM
    by Michael Hawkins.  

    The return URL in the policy tool required extra sanitizing to prevent a reflected XSS risk.

    Severity/Risk: Serious
    Versions affected: 4.5 to 4.5.3, 4.4 to 4.4.7, 4.3 to 4.3.11, 4.1 to 4.1.17 and earlier unsupported versions
    Versions fixed: 4.5.4, 4.4.8, 4.3.12 and 4.1.18
    CVE identifier: CVE-2025-3643
    Changes (main): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-85104
    Tracker issue: MDL-85104 Reflected XSS risk in policy tool
  • MSA-25-0024: Authenticated remote code execution risk in the Moodle LMS EQUELLA repository
    Sun, 20 Apr 2025, 09:44 AM
    by Michael Hawkins.  

    A remote code execution risk was identified in the Moodle LMS EQUELLA repository. By default this was only available to teachers and managers, on sites with the EQUELLA repository enabled.

    Severity/Risk: Serious
    Versions affected: 4.5 to 4.5.3, 4.4 to 4.4.7, 4.3 to 4.3.11, 4.1 to 4.1.17 and earlier unsupported versions
    Versions fixed: 4.5.4, 4.4.8, 4.3.12 and 4.1.18
    Reported by: Vincent Schneider (cli-ish)
    Workaround: Disable the EQUELLA repository until the patch is applied (Site Administration -> Plugins -> Repositories -> Manage repositories).
    CVE identifier: CVE-2025-3642
    Changes (main): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84473
    Tracker issue: MDL-84473 Authenticated remote code execution risk in the Moodle LMS EQUELLA repository