April 8, 2021 By Pierluigi Paganini
Wizcase experts discovered a security flaw in the open-source learning platform Moodle that could allow accounts takeover.
At the beginning of October 2020, the Wizcase cyber research team, led by Ata Hakcil, discovered a security vulnerability in the open-source learning platform Moodle. Anyone who had an account on a given school’s Moodle (with TeX filter enabled) could then take over students’ accounts, professors, and even the accounts managed by the platform administrators.
Moodle is an open-source educational platform used by 179,000 sites and has 242 million users. It allows universities to distribute content to students and teachers. It allows teachers to easily communicate with students, organize and post links, documents, assignments, quizzes, and grades.