Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 38: FEDORA-2023-6880309d0e Critical: Moodle XSS Risks and RCE

fedora
Calendar Grey October 19, 2023
Dist Fedora Esm H88
The latest Fedora update for Moodle strengthens security by addressing vulnerabilities, ensuring safer platform navigation while guiding users through the update process
Latest updates

Summary

Moodle is a course management system (CMS) - a free, Open Source software

package designed using sound pedagogical principles, to help educators create

effective online learning communities.

Update Information:

Latest updates

Topics%20covered

Topics Covered

security advisory software update Fedora remote code execution XSS risk course management system security notice

Change Log

* Tue Oct 10 2023 Gwyn Ciesla - 4.1.6-1 - 4.1.6

References


[ 1 ] Bug #2244896 - CVE-2023-5539 moodle: Authenticated remote code execution risk in Lesson [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2244896 [ 2 ] Bug #2244899 - CVE-2023-5540 moodle: authenticated remote code execution risk in IMSCP [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2244899 [ 3 ] Bug #2244901 - CVE-2023-5541 moodle: XSS risk when using CSV grade import method [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2244901 [ 4 ] Bug #2244903 - CVE-2023-5542 moodle: Students can view other users in "Only see own membership" groups [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2244903 [ 5 ] Bug #2244905 - CVE-2023-5543 moodle: Duplicating a BigBlueButton activity assigns the same meeting ID [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2244905 [ 6 ] Bug #2244907 - CVE-2023-5544 moodle: Stored XSS and potential IDOR risk in Wiki comments [fedora-all] ht...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-6880309d0e' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: moodle
Product: Fedora 38
Version: 4.1.6
Release: 1.fc38
URL: https://moodle.org/
Summary: A Course Management System

Topics%20covered

Topics Covered

security advisory software update Fedora remote code execution XSS risk course management system security notice

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here