Moodle 2.7.11 release notes
Notice: Moodle Docs will be switched to read-only mode starting on Tuesday 17 October 14:00 UTC for server maintenance. The estimated read-only period should not take more than 24 hours.
This version of Moodle is no longer supported for general bug fixes. You are encouraged to upgrade to a supported version of Moodle.
Releases > Moodle 2.7.11 release notes
Release date: 9 November 2015
- MSA-15-0039 CSRF in site registration form
- MSA-15-0040 Student XSS in survey
- MSA-15-0041 XSS in flash video player
- MSA-15-0042 CSRF in lesson login form
- MSA-15-0043 Web service core_enrol_get_enrolled_users does not respect course group mode
- MSA-15-0044 Capability to view available badges is not respected
- MSA-15-0045 SCORM module allows to bypass access restrictions based on date
- MSA-15-0046 Choice module closing date can be bypassed
Fixes and improvements
- MDL-51083 - Fixed undesired browser password autofilling in several forms (majority of forms were fixed in MDL-45772 in previous release)
- MDL-51190 - Fixed MS Edge locking up when viewing embedded PDF