Moodle 2.8.12 release notes: Difference between revisions
From MoodleDocs
No edit summary |
|||
Line 9: | Line 9: | ||
===Security issues=== | ===Security issues=== | ||
* [https://moodle.org/mod/forum/discuss.php?d=333186 MSA-16-0013] Users are able to change profile fields that were locked by the administrator | |||
* [https://moodle.org/mod/forum/discuss.php?d=333189 MSA-16-0015] Information disclosure of hidden forum names and sub-names. | |||
* [https://moodle.org/mod/forum/discuss.php?d=333190 MSA-16-0016] User can view badges of other users without proper permissions | |||
* [https://moodle.org/mod/forum/discuss.php?d=333191 MSA-16-0017] Course idnumber not protected from teacher restore | |||
* [https://moodle.org/mod/forum/discuss.php?d=333192 MSA-16-0018] CSRF in script marking forum posts as read | |||
==See also== | ==See also== |
Revision as of 06:01, 17 May 2016
This version of Moodle is no longer supported for general bug fixes. You are encouraged to upgrade to a supported version of Moodle.
Releases > Moodle 2.8.12 release notes
Release date: 9 May, 2016
Here is the full list of fixed issues in 2.8.12.
Security issues
- MSA-16-0013 Users are able to change profile fields that were locked by the administrator
- MSA-16-0015 Information disclosure of hidden forum names and sub-names.
- MSA-16-0016 User can view badges of other users without proper permissions
- MSA-16-0017 Course idnumber not protected from teacher restore
- MSA-16-0018 CSRF in script marking forum posts as read