This version of Moodle is no longer supported for general bug fixes. You are encouraged to upgrade to a supported version of Moodle.

Releases > Moodle 2.7.11 release notes

Release date: 9 November 2015

Here is the full list of fixed issues in 2.7.11.

Security issues

• MSA-15-0039 CSRF in site registration form
• MSA-15-0040 Student XSS in survey
• MSA-15-0041 XSS in flash video player
• MSA-15-0042 CSRF in lesson login form
• MSA-15-0043 Web service core_enrol_get_enrolled_users does not respect course group mode
• MSA-15-0044 Capability to view available badges is not respected
• MSA-15-0045 SCORM module allows to bypass access restrictions based on date
• MSA-15-0046 Choice module closing date can be bypassed

Fixes and improvements

• MDL-51083 - Fixed undesired browser password autofilling in several forms (majority of forms were fixed in MDL-45772 in previous release)
• MDL-51190 - Fixed MS Edge locking up when viewing embedded PDF

See also

• Moodle 2.7.10 release notes