Moodle 2.6.11 release notes

From MoodleDocs
Important:

This content of this page has been updated and migrated to the new Moodle Developer Resources. The information contained on the page should no longer be seen up-to-date.

Why not view this page on the new site and help us to migrate more content to the new site!

This version of Moodle is no longer supported. You are encouraged to upgrade to a supported version of Moodle.

Releases > Moodle 2.6.11 release notes

Release date: Monday, 11th May 2015

Here is the full list of fixed issues in 2.6.11.

Security issues

  • MSA-15-0018 Quiz manual-grading is an XSS risk, but does not declare that
  • MSA-15-0019 Possible phishing when redirecting to external site using referer header
  • MSA-15-0020 User fullname disclosure through account confirmation link
  • MSA-15-0022 Potential XSS risk when returning text entered by student from Web Services
  • MSA-15-0023 Suspended user is able to login when confirming email
  • MSA-15-0024 User with suspended enrolment can see sections in the navigation tree
  • MSA-15-0025 Capability to manage own files is not respected in Web Services

Fixes and improvements

  • MDL-50380 - Fixed missing parameter error when editing files in wiki

See also