Note:

If you want to create a new page for developers, you should create it on the Moodle Developer Resource site.

Moodle 2.4.11 release notes

From MoodleDocs
Revision as of 02:11, 21 July 2014 by Michael de Raadt (talk | contribs) (Adding security release notes)
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

This version of Moodle is no longer supported. You are encouraged to upgrade to a supported version of Moodle.

Releases > Moodle 2.4.11 release notes

Release date: 14 July, 2014

Here is the full list of fixed issues in 2.4.11.

Security issues

  • MSA-14-0020 Identity confusion in Shibboleth authentication
  • MSA-14-0021 Code injection in Repositories
  • MSA-14-0022 XML External Entity vulnerability in LTI module
  • MSA-14-0023 XML External Entity vulnerability in IMSCC and IMSCP
  • MSA-14-0024 Cross-site scripting vulnerability in profile field
  • MSA-14-0025 Remote code execution in Quiz
  • MSA-14-0026 Information leak in profile and notes pages
  • MSA-14-0027 Forum group posting issue
  • MSA-14-0029 Cross-site scripting vulnerability in exception dialogues
  • MSA-14-0032 Cross-site scripting in advanced grading methods

See also

Retrieved from "https://docs.moodle.org/dev/index.php?title=Moodle_2.4.11_release_notes&oldid=45888"
Powered by MediaWiki