Affected Systems:
Moodle 2.4.x
Moodle 2.3.x
Moodle 2.2.x
Moodle 2.1.x
Moodle 1.9.x

Description:
CVE IDs: CVE-2012-6098, CVE-2012-6101, CVE-2012-6102, CVE-2012-6103, CVE-2012-6104, CVE-2012-6106, CVE-2012-6112

Moodle is a Course Management System (CMS), also known as a Learning Management System (LMS) or Virtual Learning Environment (VLE).

Multiple vulnerabilities in Moodle can be exploited by malicious users to bypass certain security restrictions, conduct spoofing (open redirect) and cross-site request forgery attacks, and disclose sensitive information.

1) An error with unspecified details exists in the TinyMCE spellchecker plugin.

2) Missing authorisation checks when editing outcomes can be exploited to set outcomes as site-wide (standard) outcomes. Successful exploitation requires teacher privileges.

3) The value of the "returnurl" parameter is not properly validated before being used to redirect users. This can be exploited to redirect a user to an arbitrary website (open redirect). Affected scripts:
http://[host]/backup/backupfilesedit.php
http://[host]/comment/comment_post.php
http://[host]/course/switchrole.php
http://[host]/mod/wiki/filesedit.php
http://[host]/tag/coursetags_add.php
http://[host]/user/files.php

4) The application does not properly restrict access to the feedback comment viewing function. This can be exploited to view otherwise restricted feedback and comments.

5) The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests (cross-site request forgery). This can be exploited to perform those actions in the context of a logged-in user who visits a malicious site.

6) The application does not properly restrict access to certain blog posts. This can be exploited to read otherwise restricted blog content.

7) Missing authorisation checks in the calendar can be exploited to delete a calendar subscription created by a teacher for a course. Successful exploitation requires student privileges.
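The open redirect in item 3 and the CSRF issue in item 5 are both failures to validate a request before acting on it. The following Python is an added illustration of the two checks an endpoint needs; it is not Moodle code and does not reproduce Moodle's patches. The site root value, the parameter name "sesskey" and the function names are assumptions made for this example.

```python
"""Added example: validating a 'returnurl' redirect target and a request token.

This is illustrative code written for this page, not Moodle's own code.
"""
import hmac
import secrets
from urllib.parse import unquote, urlsplit

# Assumed site root for this example (Moodle configures its own; the value
# here is made up).
WWWROOT = "https://lms.example.edu/moodle"


def is_safe_return_url(returnurl: str, wwwroot: str = WWWROOT) -> bool:
    """Return True only if redirecting to `returnurl` keeps the user on this site.

    Accepted forms:
      - a site-relative path starting with a single slash ("/course/view.php?id=2"),
        which the caller is expected to resolve against `wwwroot`;
      - an absolute http(s) URL whose host and port equal those of `wwwroot`
        and whose path stays under the `wwwroot` path.
    Rejected: scheme-relative URLs ("//evil.example"), backslash variants that
    browsers treat like slashes ("/\\evil.example"), other schemes such as
    "javascript:", foreign hosts, userinfo tricks ("host@evil.example"),
    ".." segments, and control characters or spaces anywhere in the value.
    """
    if not returnurl:
        return False
    # Decode once so an encoded "//" is judged the way a browser would see it.
    candidate = unquote(returnurl).strip()
    # Browsers accept "\" in place of "/" in the authority; normalise first so
    # "/\evil.example" cannot masquerade as a local path.
    candidate = candidate.replace("\\", "/")
    if any(ord(c) < 0x20 or c == " " for c in candidate):
        return False
    parts = urlsplit(candidate)
    # Path traversal could climb out of the wwwroot path after normalisation.
    if ".." in parts.path.split("/"):
        return False
    if parts.scheme == "" and parts.netloc == "":
        # Site-relative path: exactly one leading slash.
        return candidate.startswith("/") and not candidate.startswith("//")
    if parts.scheme.lower() not in ("http", "https"):
        return False
    site = urlsplit(wwwroot)
    # netloc includes any userinfo and port, so "lms.example.edu@evil.example"
    # and a changed port both fail this comparison.
    if parts.netloc.lower() != site.netloc.lower():
        return False
    root = site.path.rstrip("/")
    return parts.path == root or parts.path.startswith(root + "/")


def new_session_token() -> str:
    """Per-session secret that every state-changing request must echo back."""
    return secrets.token_urlsafe(32)


def csrf_check(method: str, params: dict, session_token: str) -> bool:
    """Accept a state-changing request only if it is a POST that carries the
    session's token under the (assumed) parameter name 'sesskey'.

    A cross-site attacker can make the victim's browser send the request with
    the victim's cookies, but cannot read the token out of the victim's page,
    so a request lacking the correct token is rejected. The comparison is
    constant-time to avoid leaking the token byte by byte.
    """
    if method.upper() != "POST":
        return False
    supplied = params.get("sesskey")
    if not isinstance(supplied, str) or not session_token:
        return False
    return hmac.compare_digest(supplied, session_token)


if __name__ == "__main__":
    for url in ("/course/view.php?id=2", "//evil.example/", "javascript:alert(1)",
                "https://lms.example.edu/moodle/user/files.php"):
        print(f"{url!r}: {'allow' if is_safe_return_url(url) else 'reject'}")
```

The redirect validator deliberately rejects anything it cannot positively classify as local, including relative paths without a leading slash and a port written explicitly; being strict here costs a broken link at worst, while being lenient costs a phishing-grade redirect from a trusted domain. The token check refuses GET outright, because the advisory's item 5 is exactly the pattern of a state-changing action reachable through a bare request.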
Source:
The vendor credits: 1) Petr Skoda, 2) Elena Ivanova, 3) Simon Coggins, 4) Dan Poltawski, 5) Andrew.
Reference: http://secunia.com/advisories/51842/

Suggestion:
------------------------------------------------------------------------------
Vendor patch:
Moodle
------
The vendor has released updated versions that fix these issues. Please obtain them from the vendor's site; the security announcements for each issue are:
https://moodle.org/mod/forum/discuss.php?d=219612
https://moodle.org/mod/forum/discuss.php?d=220157
https://moodle.org/mod/forum/discuss.php?d=220158
https://moodle.org/mod/forum/discuss.php?d=220162
https://moodle.org/mod/forum/discuss.php?d=220163
https://moodle.org/mod/forum/discuss.php?d=220164
https://moodle.org/mod/forum/discuss.php?d=220165
https://moodle.org/mod/forum/discuss.php?d=220167