==================================================================== CERT-Renater Note d'Information No. 2020/VULN415 _____________________________________________________________________ DATE : 20/07/2020 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Systems running Moodle versions prior to 3.9.1, 3.8.4, 3.7.7, 3.5.13. ===================================================================== https://moodle.org/mod/forum/discuss.php?d=407393 https://moodle.org/mod/forum/discuss.php?d=407392 https://moodle.org/mod/forum/discuss.php?d=407394 https://moodle.org/mod/forum/discuss.php?d=407391 _____________________________________________________________________ MSA-20-0009: Course enrolments allowed privilege escalation from teacher role into manager role par Michael Hawkins, lundi 20 juillet 2020, 15:15 Teachers of a course were able to assign themselves the manager role within that course. Severity/Risk: Serious Versions affected: 3.9, 3.8 to 3.8.3, 3.7 to 3.7.6, 3.5 to 3.5.12 and earlier unsupported versions Versions fixed: 3.9.1, 3.8.4, 3.7.7 and 3.5.13 Reported by: Kien Hoang CVE identifier: CVE-2020-14321 Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-69093 Tracker issue: MDL-69093 Course enrolments allowed privilege escalation from teacher role into manager role _____________________________________________________________________ MSA-20-0008: Reflected XSS in admin task logs filter par Michael Hawkins, lundi 20 juillet 2020, 15:14 The filter in the admin task log required extra sanitizing to prevent a reflected XSS risk. Severity/Risk: Serious Versions affected: 3.9, 3.8 to 3.8.3 and 3.7 to 3.7.6 Versions fixed: 3.9.1, 3.8.4 and 3.7.7 Reported by: Spyridon Chatzimichail CVE identifier: CVE-2020-14320 Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-69128 Tracker issue: MDL-69128 Reflected XSS in admin task logs filter _____________________________________________________________________ MSA-20-0010: yui_combo should mitigate denial of service risk par Michael Hawkins, lundi 20 juillet 2020, 15:16 yui_combo needed to limit the amount of files it can load to help mitigate the risk of denial of service. Severity/Risk: Serious Versions affected: 3.9, 3.8 to 3.8.3, 3.7 to 3.7.6, 3.5 to 3.5.12 and earlier unsupported versions Versions fixed: 3.9.1, 3.8.4, 3.7.7 and 3.5.13 Reported by: Yuri Zwaig CVE identifier: CVE-2020-14322 Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-68426 Tracker issue: MDL-68426 yui_combo should mitigate denial of service risk _____________________________________________________________________ MSA-20-0007: Vulnerable JavaScript libraries: jQuery 1.9.1 (upstream) par Michael Hawkins, lundi 20 juillet 2020, 15:12 The JQuery version used by the H5P library contained a prototype pollution risk, which has now been updated to a patched version. Severity/Risk: Minor Versions affected: 3.8 to 3.8.3 Versions fixed: 3.8.4 and 3.9 Reported by: weblendweb CVE identifier: CVE-2019-11358 Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-68704 Tracker issue: MDL-68704 Vulnerable JavaScript libraries: jQuery 1.9.1 (upstream) ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + =========================================================