Moodle 1.8.7 release notes: Difference between revisions
From MoodleDocs
(→Security issues: There is the 1.8 category along with release notes category) |
Dev Docs Bot (talk | contribs) m (Protected "Moodle 1.8.7 release notes": Developer Docs Migration ([Edit=Allow only administrators] (indefinite))) |
||
(7 intermediate revisions by 5 users not shown) | |||
Line 1: | Line 1: | ||
{{Template:Migrated|newDocId=/general/releases/1.8/1.8.7}} | |||
Release date: 15th October 2008 | Release date: 15th October 2008 | ||
Line 4: | Line 5: | ||
===Security issues=== | ===Security issues=== | ||
* | * [http://moodle.org/mod/forum/discuss.php?d=108588 MSA-08-0020]: quiz/questions capabilities lack some risk flags in access.php files | ||
* [http://moodle.org/mod/forum/discuss.php?d=108589 MSA-08-0021]: design deficiency combined with incorrect use of format_string() allowing XSS | |||
* [http://moodle.org/mod/forum/discuss.php?d=108590 MSA-08-0022]: XSS through Wiki page titles | |||
* [http://moodle.org/mod/forum/discuss.php?d=108591 MSA-08-0023]: CSRF in messaging setting | |||
* [http://moodle.org/mod/forum/discuss.php?d=108592 MSA-08-0024]: Overriding of frozen values in Moodle forms | |||
<noinclude> | |||
[[Category:Release notes]] | [[Category:Release notes]] | ||
[[Category:Moodle 1.8]] | |||
[[de:Moodle 1.8.7 Versionsinformationen]] | |||
[[fr:Notes de mise à jour de Moodle 1.8.7]] | |||
</noinclude> |
Latest revision as of 09:07, 25 May 2022
Important:
This content of this page has been updated and migrated to the new Moodle Developer Resources. The information contained on the page should no longer be seen up-to-date. Why not view this page on the new site and help us to migrate more content to the new site! |
Release date: 15th October 2008
Here is the full list of fixed issues in 1.8.7.
Security issues
- MSA-08-0020: quiz/questions capabilities lack some risk flags in access.php files
- MSA-08-0021: design deficiency combined with incorrect use of format_string() allowing XSS
- MSA-08-0022: XSS through Wiki page titles
- MSA-08-0023: CSRF in messaging setting
- MSA-08-0024: Overriding of frozen values in Moodle forms