Moodle 2.3.10 release notes
From MoodleDocs
This version of Moodle is no longer fully supported. Generally, only fixes to serious security issues have been applied to this version. You are encouraged to upgrade to a fully supported version of Moodle.
Releases > Moodle 2.3.10 release notes
Release date: 14 November 2013
Here is the full list of fixed issues in 2.3.10.
Security issues
- MSA-13-0036 Incorrect headers sent for secured resources
- MSA-13-0037 Cross site scripting in Messages
- MSA-13-0038 Access to server files through repository
- MSA-13-0039 Cross site scripting in Quiz
- MSA-13-0040 Cross site scripting vulnerability in YUI library
Fixes and improvements
- MDL-36818 - Setting for CURLOPT_SSL_VERIFYHOST in CAS fixed.