Note:

If you want to create a new page for developers, you should create it on the Moodle Developer Resource site.

Moodle 2.6.10 release notes

From MoodleDocs
Revision as of 13:14, 9 August 2021 by David Mudrak (talk | contribs) (Reverted edits by Mudrd8mz (talk) to last revision by Marina Glancy)

This version of Moodle is no longer supported. You are encouraged to upgrade to a supported version of Moodle.

Releases > Moodle 2.6.10 release notes

2.6.10 release date: Tuesday, 10 March 2015

This page also covers issues resolved in 2.6.9, released on Monday, 9 March 2015

Here is the full list of fixed issues in 2.6.9 and 2.6.10.

Security issues

  • MSA-15-0010 Personal contacts and number of unread messages can be revealed
  • MSA-15-0011 Authentication in mdeploy can be bypassed
  • MSA-15-0012 ReDoS Possible with Convert links to URLs filter
  • MSA-15-0013 Block title not properly escaped and may cause HTML injection
  • MSA-15-0014 Potential information disclosure for the inaccessible courses
  • MSA-15-0015 User without proper permission is able to mark the tag as inappropriate
  • MSA-15-0016 Web services token can be created for user with temporary password
  • MSA-15-0017 XSS in quiz statistics report

Fixes and improvements

  • MDL-49167 - Fixed regression with $CFG->yuislasharguments introduced by previous minor release

See also

Retrieved from "https://docs.moodle.org/dev/index.php?title=Moodle_2.6.10_release_notes&oldid=60914"
Powered by MediaWiki