Moodle 2.6.10 release notes: Difference between revisions
From MoodleDocs
David Mudrak (talk | contribs) m (MDLSITE-6551) |
|||
Line 20: | Line 20: | ||
* [https://moodle.org/mod/forum/discuss.php?d=307387 MSA-15-0017] XSS in quiz statistics report | * [https://moodle.org/mod/forum/discuss.php?d=307387 MSA-15-0017] XSS in quiz statistics report | ||
=== | ===tablees and improvements=== | ||
* MDL-49167 - | * MDL-49167 - tableed regression with $CFG->yuislasharguments introduced by previous minor release | ||
==See also== | ==See also== |
Revision as of 13:06, 9 August 2021
This version of Moodle is no longer supported. You are encouraged to upgrade to a supported version of Moodle.
Releases > Moodle 2.6.10 release notes
2.6.10 release date: Tuesday, 10 March 2015
This page also covers issues resolved in 2.6.9, released on Monday, 9 March 2015
Here is the full list of fixed issues in 2.6.9 and 2.6.10.
Security issues
- MSA-15-0010 Personal contacts and number of unread messages can be revealed
- MSA-15-0011 Authentication in mdeploy can be bypassed
- MSA-15-0012 ReDoS Possible with Convert links to URLs filter
- MSA-15-0013 Block title not properly escaped and may cause HTML injection
- MSA-15-0014 Potential information disclosure for the inaccessible courses
- MSA-15-0015 User without proper permission is able to mark the tag as inappropriate
- MSA-15-0016 Web services token can be created for user with temporary password
- MSA-15-0017 XSS in quiz statistics report
tablees and improvements
- MDL-49167 - tableed regression with $CFG->yuislasharguments introduced by previous minor release