Multiple security issues have been fixed in the Moodle 2.7.3, 2.6.6, and 2.5.9 releases:
As per the above link, details of what those issues are will be published at a later date.
Created moodle tracking bugs for this issue:
Affects: fedora-all [bug 1164072]
Affects: epel-6 [bug 1164073]
These issues were assigned CVE-2014-7830, CVE-2014-7845, CVE-2014-7831, CVE-2014-7832, CVE-2014-7833, CVE-2014-7846, CVE-2014-7847, CVE-2014-7834, CVE-2014-7848, CVE-2014-7835, CVE-2014-7836, CVE-2014-7837, and CVE-2014-7838.
Refer to http://www.openwall.com/lists/oss-security/2014/11/17/11 for full details.