Moodle 1.9.9 release notes: Difference between revisions
From MoodleDocs
No edit summary |
Helen Foster (talk | contribs) (→Security issues: links to security announcements) |
||
Line 11: | Line 11: | ||
Some of these vulnerabilities are potentially serious so we strongly recommend you upgrade. | Some of these vulnerabilities are potentially serious so we strongly recommend you upgrade. | ||
* [http://moodle.org/mod/forum/discuss.php?d=152366 MSA-10-0010] Persistent Cross Site Scripting vulnerability in the MNET access control interface | |||
* [http://moodle.org/mod/forum/discuss.php?d=152367 MSA-10-0011] Cross Site Scripting vulnerability in blog/index.php | |||
* [http://moodle.org/mod/forum/discuss.php?d=152368 MSA-10-0012] KSES Security Filter Bypassing vulnerability | |||
* MSA-10-0011 | * [http://moodle.org/mod/forum/discuss.php?d=152369 MSA-10-0013] Potential Cross Site Scripting vulnerability in Quiz reports | ||
* MSA-10-0012 | |||
* MSA-10-0013 | |||
<noinclude> | <noinclude> |
Revision as of 10:35, 17 June 2010
Release date: 8th June, 2010
Here is the full list of issues fixed in 1.9.9
Highlights
- Some general minor bugs fixed in different areas.
- Four security fixes (see below).
Security issues
Some of these vulnerabilities are potentially serious so we strongly recommend you upgrade.
- MSA-10-0010 Persistent Cross Site Scripting vulnerability in the MNET access control interface
- MSA-10-0011 Cross Site Scripting vulnerability in blog/index.php
- MSA-10-0012 KSES Security Filter Bypassing vulnerability
- MSA-10-0013 Potential Cross Site Scripting vulnerability in Quiz reports