Moodle Tackles LMS Security Vulnerabilities

Moodle's developers have released an update to the popular open source learning management system. The latest Moodle 2.0.2 and 1.9.11 releases address several major security vulnerabilities and also include some bug fixes and performance enhancements.

Moodle 2.0.2 tackles seven security flaws from the 2.0.1 release that developers characterized as "major," including cross-site scripting vulnerabilities, a cross-site request forgery issue, and potential issues involving disclosure of information. The 1.9 branch update only addresses three vulnerabilities--two related to cross-site scripting and one related to potential information disclosure.

In addition to security fixes, Moodle 2.0.2 includes dozens of other fixes and improvements, including performance enhancements and fixes to various minor issues with wikis, SCORM, saving, course backup, and assessments.

Outside of security issues, version 1.9.11 included only five bug fixes. Those were in areas of Google Chrome support for Moodle's HTML editor, time in reports and logs exported to Excel, and a few other minor problems.

Moodle 2.0.2 and Moodle 1.9.11 are both available now as free downloads from the Moodle site. Further details on the 2.0.2 update can be found here. Details on the 1.9.11 update can be found here. Direct downloads are available here.

About the Author

David Nagel is the former editorial director of 1105 Media's Education Group and editor-in-chief of THE Journal, STEAM Universe, and Spaces4Learning. A 30-year publishing veteran, Nagel has led or contributed to dozens of technology, art, marketing, media, and business publications.

He can be reached at [email protected]. You can also connect with him on LinkedIn at https://www.linkedin.com/in/davidrnagel/ .


Featured

  • person typing on a touch screen schedule plan calendar

    2025 Tech Tactics in Education Conference Agenda Announced

    Registration is free for this fully virtual May 7 event, focused on "Thriving in the Age of AI" in K-12 and higher education.

  • laptop on a clean desk with digital padlock icon on the screen

    Data Privacy a Top Concern as Orgs Scale Up AI Agents

    As organizations race to integrate AI agents into their cloud operations and workflows, they face a crucial reality: while enthusiasm is high, major adoption barriers remain, according to a new Cloudera report. Chief among them is the challenge of safeguarding sensitive data.

  • glowing digital brain made of blue circuitry hovers above multiple stylized clouds of interconnected network nodes against a dark, futuristic background

    Report: 85% of Organizations Are Leveraging AI

    Eighty-five percent of organizations today are utilizing some form of AI, according to the latest State of AI in the Cloud 2025 report from Wiz. While AI's role in innovation and disruption continues to expand, security vulnerabilities and governance challenges remain pressing concerns.

  • Two digital hands made of interconnected lines and nodes shaking hands firmly against a minimal technological background

    IBM to Acquire AI and Data Solutions Provider DataStax

    IBM has announced the planned acquisition AI and data solutions provider DataStax, in a move aimed at enhancing its watsonx portfolio and advancing generative artificial intelligence (AI) capabilities for enterprises.