Moodle 2.3.10 release notes: Difference between revisions
From MoodleDocs
David Mudrak (talk | contribs) m (MDLSITE-6551) |
David Mudrak (talk | contribs) m (Reverted edits by Mudrd8mz (talk) to last revision by Michael de Raadt) Tag: Rollback |
||
Line 15: | Line 15: | ||
* [https://moodle.org/mod/forum/discuss.php?d=244483 MSA-13-0040] Cross site scripting vulnerability in YUI library | * [https://moodle.org/mod/forum/discuss.php?d=244483 MSA-13-0040] Cross site scripting vulnerability in YUI library | ||
=== | ===Fixes and improvements=== | ||
* MDL-36818 - Setting for CURLOPT_SSL_VERIFYHOST in CAS fixed. | * MDL-36818 - Setting for CURLOPT_SSL_VERIFYHOST in CAS fixed. |
Revision as of 13:14, 9 August 2021
This version of Moodle is no longer fully supported. Generally, only fixes to serious security issues have been applied to this version. You are encouraged to upgrade to a fully supported version of Moodle.
Releases > Moodle 2.3.10 release notes
Release date: 14 November 2013
Here is the full list of fixed issues in 2.3.10.
Security issues
- MSA-13-0036 Incorrect headers sent for secured resources
- MSA-13-0037 Cross site scripting in Messages
- MSA-13-0038 Access to server files through repository
- MSA-13-0039 Cross site scripting in Quiz
- MSA-13-0040 Cross site scripting vulnerability in YUI library
Fixes and improvements
- MDL-36818 - Setting for CURLOPT_SSL_VERIFYHOST in CAS fixed.