Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.9.3
    • Fix Version/s: 1.8.8, 1.9.4, 2.0
    • Component/s: Choice
    • Labels:
      None
    • Affected Branches:
      MOODLE_19_STABLE
    • Fixed Branches:
      MOODLE_18_STABLE, MOODLE_19_STABLE, MOODLE_20_STABLE

      Description

      just did a search on the use of $_POST in moodle and was surprised at the number of occurances.... spotted one in choice that should be fixed as it's used without being cleaned!
      in choice/report.php
      $attemptids = isset($_POST['attemptid']) ? $_POST['attemptid'] : array(); //get array of repsonses to delete.

        Gliffy Diagrams

          Activity

          Hide
          skodak Petr Skoda added a comment -

          thanks, going to review them once more this week, I hope all of them are by teachers who can XSS anyway
          there are some potential post type CSRF - missing sesskey tests

          Show
          skodak Petr Skoda added a comment - thanks, going to review them once more this week, I hope all of them are by teachers who can XSS anyway there are some potential post type CSRF - missing sesskey tests
          Hide
          danmarsden Dan Marsden added a comment -

          fix now in 1.8stable, 1.9stable and HEAD - also a small patch to check groupmode before bothering to call groupstuff

          Show
          danmarsden Dan Marsden added a comment - fix now in 1.8stable, 1.9stable and HEAD - also a small patch to check groupmode before bothering to call groupstuff
          Hide
          skodak Petr Skoda added a comment -

          lowering severity, the unchecked data ended in get_records which requires only magic_quotes, no sql injection tehre possible imo,
          thanks anyway!

          Show
          skodak Petr Skoda added a comment - lowering severity, the unchecked data ended in get_records which requires only magic_quotes, no sql injection tehre possible imo, thanks anyway!

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Fix Release Date:
                28/Jan/09