Marina Glancy, the Development Process Manager in Moodle HQ has shared a presentation about the security in the Moodle plugins during the MoodleMoot Australia (#MootAu15).
The presentation includes the typical security vulnerabilities and their probable remedial actions like Cross-site scripting (XSS), Cross-site request forgery (CSRF), Privilege escalation (incl. unauthorised access), Information leakage, SQL injection, Command-line and code injection, Illegal files access, Denial of service, buffer overflow, timeout, etc.
Below is the embedded presentation and here is the direct link.

Please share your experience about security of your Moodle site in the comments.

Post Pages - Post Inline - WIRIS
Previous articleCreating dependent Menus using database module
Next articlePresentation – Extending Moodle' question type abilities


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.