Brendan Cox

**Name of the Vulnerable Software and Affected Versions** Moodle versions prior to 3.6.3 Moodle versions prior to 3.5.5 Moodle versions prior to 3.4.8 **Description** A vulnerability was found that allows users to assign themselves an escalated role within courses or content accessed via LTI. This is achieved by modifying the request to the LTI publisher site. **Recommendations** For versions prior to 3.6.3, update to version 3.6.3 or later. For versions prior to 3.5.5, update to version 3.5.5 or later. For versions prior to 3.4.8, update to version 3.4.8 or later.

**Name of the Vulnerable Software and Affected Versions** Moodle versions 3.x **Description** An issue allows students who submitted assignments and exported them to portfolios to download any stored Moodle file by changing the download URL. **Recommendations** For Moodle versions 3.x, update to a version where this issue is fixed, or as a temporary workaround, consider restricting access to the portfolio export feature to prevent unauthorized file downloads.

**Name of the Vulnerable Software and Affected Versions** Moodle versions 3.x **Description** An issue allows students who have posted on forums and exported these posts to portfolios to download any stored Moodle file. This is achieved by modifying the download URL. **Recommendations** For Moodle versions 3.x, consider restricting access to the portfolio export feature for students until a fix is available. As a temporary workaround, monitor and limit changes to download URLs to prevent unauthorized file access.

**Name of the Vulnerable Software and Affected Versions** Moodle versions 3.x **Description** An issue allows authenticated users to add HTML blocks containing scripts to their Dashboard. Normally, this would not be a security issue since a personal dashboard is only visible to the user. However, through this issue, users can move such blocks to other pages where they can be viewed by other users. **Recommendations** For Moodle versions 3.x, restrict the ability of users to move HTML blocks to other pages to minimize the risk of exploitation. Consider disabling the addition of HTML blocks containing scripts to the Dashboard until a fix is available.

**Name of the Vulnerable Software and Affected Versions** Moodle versions 3.x **Description** An issue was discovered that allows users to instantiate any class by substituting URLs in portfolios. This can be exploited by users who are logged in as guests to create a DDoS attack. **Recommendations** For Moodle versions 3.x, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Moodle versions 3.1 through 3.1.10 Moodle versions 3.2 through 3.2.7 Moodle versions 3.3 through 3.3.4 Moodle versions 3.4 through 3.4.1 **Description** A flaw was found that allows unauthenticated users to trigger custom messages to admins via the paypal enrol script. The paypal IPN callback script fails to verify the request origin before sending error emails to admins, which can lead to admin email spamming. **Recommendations** For Moodle versions 3.1 through 3.1.10, update the paypal IPN callback script to verify the request origin before sending error emails to admins. For Moodle versions 3.2 through 3.2.7, update the paypal IPN callback script to verify the request origin before sending error emails to admins. For Moodle versions 3.3 through 3.3.4, update the paypal IPN callback script to verify the request origin before sending error emails to admins. For Moodle versions 3.4 through 3.4.1, update the paypal IPN callback script to verify the request origin before sending error emails to admins.