Moodle 3.11.x < 3.11.16 Multiple Vulnerabilities

low Web App Scanning Plugin ID 114744

Language:

Synopsis

Description

According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.23, 3.11.x prior to 3.11.16, 4.0.x prior to 4.0.10, 4.1.x prior to 4.1.5 or 4.2.x prior to 4.2.2. It is, therefore, affected by multiple vulnerabilities.

- Insufficient limitations made it possible for students to bypass sequential navigation during a quiz attempt.

- Insufficient capability checks resulted in competency framework tools being available to users without the relevant capability.

- The admin view all policies page URL required additional sanitizing to prevent an open redirect risk.

- Insufficient capability checks made it possible to fetch other users' message processor preferences data.

- It was possible to escalate stored self-XSS to stored XSS where users login via OAuth 2.

- Permission overrides on individual blocks in the system dashboard did not cascade to user dashboards.

- A remote code execution risk was identified where file repository reference properties are parsed.

- Incorrect domain matching logic made it possible to bypass the proxy, which could result in access to hosts intended to be blocked by the proxy.

Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.