MSA-17-0002: Incorrect sanitation of attributes in forums - CVE-2017-2576 https://moodle.org/mod/forum/discuss.php?d=345912 http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-56225 MSA-17-0004: XSS in assignment submission page - CVE-2017-2578 https://moodle.org/mod/forum/discuss.php?d=345915 http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-57580 References: https://moodle.org/news/#p1393111
Created moodle tracking bugs for this issue: Affects: fedora-all [bug 1401064] Affects: epel-all [bug 1401065]