Moodle Tackles LMS Security Vulnerabilities

Moodle's developers have released an update to the popular open source learning management system. The latest Moodle 2.0.2 and 1.9.11 releases address several major security vulnerabilities and also include some bug fixes and performance enhancements.

Moodle 2.0.2 tackles seven security flaws from the 2.0.1 release that developers characterized as "major," including cross-site scripting vulnerabilities, a cross-site request forgery issue, and potential issues involving disclosure of information. The 1.9 branch update only addresses three vulnerabilities--two related to cross-site scripting and one related to potential information disclosure.

In addition to security fixes, Moodle 2.0.2 includes dozens of other fixes and improvements, including performance enhancements and fixes to various minor issues with wikis, SCORM, saving, course backup, and assessments.

Outside of security issues, version 1.9.11 included only five bug fixes. Those were in areas of Google Chrome support for Moodle's HTML editor, time in reports and logs exported to Excel, and a few other minor problems.

Moodle 2.0.2 and Moodle 1.9.11 are both available now as free downloads from the Moodle site. Further details on the 2.0.2 update can be found here. Details on the 1.9.11 update can be found here. Direct downloads are available here.

About the Author

David Nagel is the former editorial director of 1105 Media's Education Group and editor-in-chief of THE Journal, STEAM Universe, and Spaces4Learning. A 30-year publishing veteran, Nagel has led or contributed to dozens of technology, art, marketing, media, and business publications.

He can be reached at [email protected]. You can also connect with him on LinkedIn at https://www.linkedin.com/in/davidrnagel/ .


Featured

  • stacks of glowing digital documents with circuit patterns and data streams

    Mistral AI Intros Advanced AI-Powered OCR

    French AI startup Mistral AI has announced Mistral OCR, an advanced optical character recognition (OCR) API designed to convert printed and scanned documents into digital files with "unprecedented accuracy."

  • Google Classroom tools

    Google Announces Classroom Updates, New Tools for Chromebooks

    Google has introduced a variety of features across its products for education, announced recently at the 2025 BETT ed tech event in London. Among the additions are enhancements to Google Classroom and new tools for Chromebooks, "designed to help address the diverse needs of students around the world," Google said in a blog post.

  • DreamBox Math

    Discovery Education Announces Accessibility Enhancements for DreamBox Math

    Discovery Education has updated DreamBox Math, an online math program for K–8 students to supplement core instruction, to improve accessibility for K–5 students, according to a news release. DreamBox Math provides personalized instruction by adapting to individual learners’ responses and providing an engaging, dynamic learning environment.

  • interconnected geometric human figures forming a network

    CoSN: School Staffing Is the Top Hurdle to K-12 Innovation

    Hiring and keeping educators and IT staff remains the top challenge for K-12 education in 2025, according to the latest Driving K-12 Innovation Report from the Consortium for School Networking (CoSN).