Moodle 2.6.11 release notes: Difference between revisions
From MoodleDocs
No edit summary |
|||
Line 5: | Line 5: | ||
Release date: Monday, 11th May 2015 | Release date: Monday, 11th May 2015 | ||
Here is [https://tracker.moodle.org/ | Here is [https://tracker.moodle.org/issues/?jql=project%20%3D%20mdl%20AND%20resolution%20%3D%20fixed%20AND%20fixVersion%20in%20%28%222.6.11%22%2C%20%222.6.11%2B%22%29%20ORDER%20BY%20priority%20DESC&runQuery=true&clear=true the full list of fixed issues in 2.6.11]. | ||
===Security issues=== | ===Security issues=== | ||
Line 16: | Line 16: | ||
* [https://moodle.org/mod/forum/discuss.php?d=313687 MSA-15-0024] User with suspended enrolment can see sections in the navigation tree | * [https://moodle.org/mod/forum/discuss.php?d=313687 MSA-15-0024] User with suspended enrolment can see sections in the navigation tree | ||
* [https://moodle.org/mod/forum/discuss.php?d=313688 MSA-15-0025] Capability to manage own files is not respected in Web Services | * [https://moodle.org/mod/forum/discuss.php?d=313688 MSA-15-0025] Capability to manage own files is not respected in Web Services | ||
===Fixes and improvements=== | |||
* MDL-50380 - Fixed missing parameter error when editing files in wiki | |||
==See also== | ==See also== |
Revision as of 09:12, 2 July 2015
This version of Moodle is no longer supported. You are encouraged to upgrade to a supported version of Moodle.
Releases > Moodle 2.6.11 release notes
Release date: Monday, 11th May 2015
Here is the full list of fixed issues in 2.6.11.
Security issues
- MSA-15-0018 Quiz manual-grading is an XSS risk, but does not declare that
- MSA-15-0019 Possible phishing when redirecting to external site using referer header
- MSA-15-0020 User fullname disclosure through account confirmation link
- MSA-15-0022 Potential XSS risk when returning text entered by student from Web Services
- MSA-15-0023 Suspended user is able to login when confirming email
- MSA-15-0024 User with suspended enrolment can see sections in the navigation tree
- MSA-15-0025 Capability to manage own files is not respected in Web Services
Fixes and improvements
- MDL-50380 - Fixed missing parameter error when editing files in wiki