Moodle 3.7.8 release notes

From MoodleDocs
Important:

This content of this page has been updated and migrated to the new Moodle Developer Resources. The information contained on the page should no longer be seen up-to-date.

Why not view this page on the new site and help us to migrate more content to the new site!

This version of Moodle is no longer supported for general bug fixes. You are encouraged to upgrade to a supported version of Moodle.

Releases > Moodle 3.7.8 release notes


Release date: 14 September 2020

Here is the full list of fixed issues in 3.7.8.

For developers

  • MDL-69068 - Allow behat generators to be pivoted

Security fixes

  • MSA-20-0012 Reflected XSS in tag manager
  • MSA-20-0013 "Log in as" capability in a course context may lead to some privilege escalation
  • MSA-20-0014 Denial of service risk in file picker unzip functionality
  • MSA-20-0015 Chapter name in book not always escaped with forceclean enabled

See also