MSA-23-0004: Authenticated SQL injection via availability check

By Michael Hawkins. Insufficient validation of profile field availability condition resulted in an SQL injection risk (by default only available to teachers and managers).
Severity/Risk: Serious
Versions affected: 4.1 to 4.1.1, 4.0 to 4.0.6, 3.11 to 3.11.12, 3.9 to 3.9.19 and earlier unsupported versions
Versions fixed: 4.1.2, 4.0.7, 3.11.13 and 3.9.20
Reported by: Vincent Schneider (cli-ish)
CVE identifier: CVE-2023-28329
Changes
More info: https://moodle.org/mod/forum/discuss.php?d=445061&parent=1788894

MSA-23-0005: Authenticated arbitrary file read through malformed backup file

By Michael Hawkins. Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and admins by default.
Severity/Risk: Serious
Versions affected: 4.1 to 4.1.1, 4.0 to 4.0.6, 3.11 to 3.11.12, 3.9 to 3.9.19 and earlier unsupported versions
Versions fixed: 4.1.2, 4.0.7, 3.11.13 and 3.9.20
Reported by: Vincent Schneider (cli-ish)
Workaround: Remove restore activity/course capabilities until the patch is applied.
CVE
More info: https://moodle.org/mod/forum/discuss.php?d=445062&parent=1788895

MSA-23-0007: Algebra filter XSS when filter is misconfigured

By Michael Hawkins. If the algebra filter was enabled but not functional (e.g., the necessary binaries were missing from the server), it presented an XSS risk.
Severity/Risk: Minor
Versions affected: 4.1 to 4.1.1, 4.0 to 4.0.6, 3.11 to 3.11.12, 3.9 to 3.9.19 and earlier unsupported versions
Versions fixed: 4.1.2, 4.0.7, 3.11.13 and 3.9.20
Reported by: Petr Skoda
Workaround: Ensure that if the algebra filter is enabled, it is correctly configured and functional (otherwise, ensure it is disabled).
CVE
More info: https://moodle.org/mod/forum/discuss.php?d=445064&parent=1788897

MSA-23-0006: XSS risk when outputting database activity filter data

By Michael Hawkins. Content output by the database auto-linking filter required additional sanitizing to prevent an XSS risk.
Severity/Risk: Serious
Versions affected: 4.1 to 4.1.1, 4.0 to 4.0.6, 3.11 to 3.11.12, 3.9 to 3.9.19 and earlier unsupported versions
Versions fixed: 4.1.2, 4.0.7, 3.11.13 and 3.9.20
Reported by: Petr Skoda
Workaround: Disable the database auto-linking filter until the patch has been applied.
CVE identifier: CVE-2023-28331
Changes
More info: https://moodle.org/mod/forum/discuss.php?d=445063&parent=1788896

MSA-23-0009: Users name enumeration possible via IDOR on learning plans page

By Michael Hawkins. Authenticated users were able to enumerate other users' names via the learning plans page.
Severity/Risk: Minor
Versions affected: 4.1 to 4.1.1 and 4.0 to 4.0.6
Versions fixed: 4.1.2 and 4.0.7
Reported by: Paul Holden
CVE identifier: CVE-2023-28334
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77129
Tracker issue: MDL-77129 Users name enumeration possible via IDOR on learning plans page
More info: https://moodle.org/mod/forum/discuss.php?d=445066&parent=1788899

MSA-23-0008: Pix helper potential Mustache code injection risk

By Michael Hawkins. The Mustache pix helper contained a potential Mustache injection risk if combined with user input (note: this did not appear to be implemented/exploitable anywhere in the core Moodle LMS).
Severity/Risk: Minor
Versions affected: 4.1 to 4.1.1, 4.0 to 4.0.6, 3.11 to 3.11.12, 3.9 to 3.9.19 and earlier unsupported versions
Versions fixed: 4.1.2, 4.0.7, 3.11.13 and 3.9.20
Reported by: Lars Bonczek
CVE identifier: CVE-2023-28333
Changes
More info: https://moodle.org/mod/forum/discuss.php?d=445065&parent=1788898

MSA-23-0010: CSRF risk in resetting all templates of a database activity

By Michael Hawkins. The link to reset all templates of a database activity did not include the necessary token to prevent a CSRF risk.
Severity/Risk: Minor
Versions affected: 4.1 to 4.1.1
Versions fixed: 4.1.2
Reported by: DegrangeM
CVE identifier: CVE-2023-28335
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77008
Tracker issue: MDL-77008 CSRF risk in resetting all templates of a database activity
More info: https://moodle.org/mod/forum/discuss.php?d=445067&parent=1788900

K000133630 : Intel processor vulnerability CVE-2022-26343

Security Advisory Description: Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
More info: https://my.f5.com/manage/s/article/K000133630?utm_source=f5support&utm_medium=RSS

K000133644 : Linux kernel vulnerability CVE-2023-0266

Security Advisory Description: A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use- ...
More info: https://my.f5.com/manage/s/article/K000133644?utm_source=f5support&utm_medium=RSS

K000133635 : Intel processor vulnerability CVE-2021-0187

Security Advisory Description: Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
More info: https://my.f5.com/manage/s/article/K000133635?utm_source=f5support&utm_medium=RSS