Presentation – Security in Moodle Plugins

July 9th, 2015

Marina Glancy, the Development Process Manager in Moodle HQ has shared a presentation about the security in the Moodle plugins during the MoodleMoot Australia (#MootAu15).

The presentation includes the typical security vulnerabilities and their probable remedial actions like Cross-site scripting (XSS), Cross-site request forgery (CSRF), Privilege escalation (incl. unauthorised access), Information leakage, SQL injection, Command-line and code injection, Illegal files access, Denial of service, buffer overflow, timeout, etc. Read More