Moodle has released an update to its open source learning management system for Mac OS X, Windows, and Linux. Moodle 1.9.8 includes a number of small improvements and bug fixes but also addresses nine security vulnerabilities, including two that Moodle developers have labeled as "critical" and five as "major." Moodle has also released a parallel update to the 1.8 branch, version 1.8.12, which includes comparable changes.
Moodle is the most widely adopted learning management system available, with nearly 1.2 million teachers using it and more than 33.5 million users participating in more than 3.3 million courses at more than 46,000 validated sites worldwide. Moodle supports both small and large deployments (with several sites well beyond 100,000 users) and includes course management tools, various Web 2.0 technologies, online assessments, and other features common to learning management systems.

In the latest release, the two critical security issues that were addressed include a SQL injection vulnerability in the Wiki module and a forms validation problem. It also fixed problems with cross-site scripting affecting implementations where global search is enabled and a problem that would allow regular users to find the user names of others enrolled in a course. A complete list of security vulnerabilities addressed in the latest releases can be found here.)

The link for this article located at The Journal is no longer available.