Note to readers

This publication does not currently meet the Government of Canada's Web Standards. The information remains valid.

Moodle security advisory

Number: AV18-098
Date: 13 June 2018

Purpose

The purpose of this advisory is to bring attention to a security advisory released by Moodle.

Assessment

Moodle has released a product update to address remote code execution vulnerability.

Affected Product:
Moodle versions prior to 3.5.0

CVE Reference: CVE-2018-1133

Suggested action

CCIRC recommends that system administrators test and deploy the vendor released updates on affected platforms accordingly.

References

https://blog.ripstech.com/2018/moodle-remote-code-execution/
https://github.com/moodle/moodle/releases/tag/v3.5.0
https://moodle.org/mod/forum/discuss.php?d=371199#p1496353

Date modified: