Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.9.3
    • Fix Version/s: 1.8.8, 1.9.4, 2.0
    • Component/s: Choice
    • Labels:
      None
    • Affected Branches:
      MOODLE_19_STABLE
    • Fixed Branches:
      MOODLE_18_STABLE, MOODLE_19_STABLE, MOODLE_20_STABLE

      Description

      just did a search on the use of $_POST in moodle and was surprised at the number of occurances.... spotted one in choice that should be fixed as it's used without being cleaned!
      in choice/report.php
      $attemptids = isset($_POST['attemptid']) ? $_POST['attemptid'] : array(); //get array of repsonses to delete.

        Gliffy Diagrams

          Attachments

            Activity

            Hide
            skodak Petr Skoda added a comment -

            thanks, going to review them once more this week, I hope all of them are by teachers who can XSS anyway
            there are some potential post type CSRF - missing sesskey tests

            Show
            skodak Petr Skoda added a comment - thanks, going to review them once more this week, I hope all of them are by teachers who can XSS anyway there are some potential post type CSRF - missing sesskey tests
            Hide
            danmarsden Dan Marsden added a comment -

            fix now in 1.8stable, 1.9stable and HEAD - also a small patch to check groupmode before bothering to call groupstuff

            Show
            danmarsden Dan Marsden added a comment - fix now in 1.8stable, 1.9stable and HEAD - also a small patch to check groupmode before bothering to call groupstuff
            Hide
            skodak Petr Skoda added a comment -

            lowering severity, the unchecked data ended in get_records which requires only magic_quotes, no sql injection tehre possible imo,
            thanks anyway!

            Show
            skodak Petr Skoda added a comment - lowering severity, the unchecked data ended in get_records which requires only magic_quotes, no sql injection tehre possible imo, thanks anyway!

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  28/Jan/09