Moodle 1.8.7 release notes

Jump to: navigation, search

Release date: 15th October 2008

Here is the full list of fixed issues in 1.8.7.

Security issues

  • MSA-08-0020: quiz/questions capabilities lack some risk flags in access.php files
  • MSA-08-0021: design deficiency combined with incorrect use of format_string() allowing XSS
  • MSA-08-0022: XSS through Wiki page titles
  • MSA-08-0023: CSRF in messaging setting
  • MSA-08-0024: Overriding of frozen values in Moodle forms