Moodle 2.6.10 release notes
This content of this page has been updated and migrated to the new Moodle Developer Resources. The information contained on the page should no longer be seen up-to-date.
This version of Moodle is no longer supported. You are encouraged to upgrade to a supported version of Moodle.
Releases > Moodle 2.6.10 release notes
2.6.10 release date: Tuesday, 10 March 2015
This page also covers issues resolved in 2.6.9, released on Monday, 9 March 2015
- MSA-15-0010 Personal contacts and number of unread messages can be revealed
- MSA-15-0011 Authentication in mdeploy can be bypassed
- MSA-15-0012 ReDoS Possible with Convert links to URLs filter
- MSA-15-0013 Block title not properly escaped and may cause HTML injection
- MSA-15-0014 Potential information disclosure for the inaccessible courses
- MSA-15-0015 User without proper permission is able to mark the tag as inappropriate
- MSA-15-0016 Web services token can be created for user with temporary password
- MSA-15-0017 XSS in quiz statistics report
Fixes and improvements
- MDL-49167 - Fixed regression with $CFG->yuislasharguments introduced by previous minor release