Moodle Tackles LMS Security Vulnerabilities

Moodle's developers have released an update to the popular open source learning management system. The latest Moodle 2.0.2 and 1.9.11 releases address several major security vulnerabilities and also include some bug fixes and performance enhancements.

Moodle 2.0.2 tackles seven security flaws from the 2.0.1 release that developers characterized as "major," including cross-site scripting vulnerabilities, a cross-site request forgery issue, and potential issues involving disclosure of information. The 1.9 branch update only addresses three vulnerabilities--two related to cross-site scripting and one related to potential information disclosure.

In addition to security fixes, Moodle 2.0.2 includes dozens of other fixes and improvements, including performance enhancements and fixes to various minor issues with wikis, SCORM, saving, course backup, and assessments.

Outside of security issues, version 1.9.11 included only five bug fixes. Those were in areas of Google Chrome support for Moodle's HTML editor, time in reports and logs exported to Excel, and a few other minor problems.

Moodle 2.0.2 and Moodle 1.9.11 are both available now as free downloads from the Moodle site. Further details on the 2.0.2 update can be found here. Details on the 1.9.11 update can be found here. Direct downloads are available here.

About the Author

David Nagel is the former editorial director of 1105 Media's Education Group and editor-in-chief of THE Journal, STEAM Universe, and Spaces4Learning. A 30-year publishing veteran, Nagel has led or contributed to dozens of technology, art, marketing, media, and business publications.

He can be reached at [email protected]. You can also connect with him on LinkedIn at https://www.linkedin.com/in/davidrnagel/ .


Featured

  • tutor and student working together at a laptop

    You've Paid for Tutoring. Here's How to Make Sure It Works.

    As districts and states nationwide invest in tutoring, it remains one of the best tools in our educational toolkit, yielding positive impacts on student learning at scale. But to maximize return on investment, both financially and academically, we must focus on improving implementation.

  • MakerBot Nebula

    UltiMaker Launches Differentiated Learning Platform, Announces New MakerBot Grants

    UltiMaker, a provider of 3D printing solutions for education, has launched an AI-powered differentiated learning platform designed for STEM learning.

  • diverse business people using laptops overlaid with data processing textures

    Microsoft Copilot Gains Context‑Aware Agents for Teams, SharePoint and Viva Engage

    Microsoft has unveiled a public‑preview of its collaborative agents in Microsoft 365 Copilot, bringing a array of "always‑on" agents grounded in context for channels, meetings, SharePoint sites, Viva Engage communities, and Planner workloads.

  • stylized illustration of a desktop, laptop, tablet, and smartphone all displaying an orange AI icon

    Survey: AI Shifting from Cloud to PCs

    A recent Intel-commissioned report identifies a significant shift in AI adoption, moving away from the cloud and closer to the user. Businesses are increasingly turning to the specialized hardware of AI PCs, the survey found, recognizing their potential not just for productivity gains, but for revolutionizing IT efficiency, fortifying data security, and delivering a compelling return on investment by bringing AI capabilities directly to the edge.