Moodle 2.3.10 release notes: Difference between revisions
From MoodleDocs
(Adding security release notes) |
David Mudrak (talk | contribs) m (MDLSITE-6551) |
||
Line 15: | Line 15: | ||
* [https://moodle.org/mod/forum/discuss.php?d=244483 MSA-13-0040] Cross site scripting vulnerability in YUI library | * [https://moodle.org/mod/forum/discuss.php?d=244483 MSA-13-0040] Cross site scripting vulnerability in YUI library | ||
=== | ===tablees and improvements=== | ||
* MDL-36818 - Setting for CURLOPT_SSL_VERIFYHOST in CAS fixed. | * MDL-36818 - Setting for CURLOPT_SSL_VERIFYHOST in CAS fixed. |
Revision as of 13:06, 9 August 2021
This version of Moodle is no longer fully supported. Generally, only fixes to serious security issues have been applied to this version. You are encouraged to upgrade to a fully supported version of Moodle.
Releases > Moodle 2.3.10 release notes
Release date: 14 November 2013
Here is the full list of fixed issues in 2.3.10.
Security issues
- MSA-13-0036 Incorrect headers sent for secured resources
- MSA-13-0037 Cross site scripting in Messages
- MSA-13-0038 Access to server files through repository
- MSA-13-0039 Cross site scripting in Quiz
- MSA-13-0040 Cross site scripting vulnerability in YUI library
tablees and improvements
- MDL-36818 - Setting for CURLOPT_SSL_VERIFYHOST in CAS fixed.