Note:

If you want to create a new page for developers, you should create it on the Moodle Developer Resource site.

Moodle 3.5.14 release notes: Difference between revisions

From MoodleDocs
(release date)
Line 13: Line 13:
==Security issues==
==Security issues==
   
   
Details of any security issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.
* [https://moodle.org/mod/forum/discuss.php?d=410840 MSA-20-0012] Reflected XSS in tag manager
* [https://moodle.org/mod/forum/discuss.php?d=410841 MSA-20-0013] "Log in as" capability in a course context may lead to some privilege escalation
* [https://moodle.org/mod/forum/discuss.php?d=410842 MSA-20-0014] Denial of service risk in file picker unzip functionality
 
==See also==
==See also==
*[[Moodle 3.5.13 release notes]]
*[[Moodle 3.5.13 release notes]]

Revision as of 07:40, 21 September 2020

This version of Moodle is no longer supported for general bug fixes. You are encouraged to upgrade to a supported version of Moodle.

Releases > Moodle 3.5.14 release notes

Release date: 14 September 2020

Here is the full list of fixed issues in 3.5.14.

For developers

  • MDL-69068 - Allow behat generators to be pivoted

Security issues

  • MSA-20-0012 Reflected XSS in tag manager
  • MSA-20-0013 "Log in as" capability in a course context may lead to some privilege escalation
  • MSA-20-0014 Denial of service risk in file picker unzip functionality

See also

Retrieved from "https://docs.moodle.org/dev/index.php?title=Moodle_3.5.14_release_notes&oldid=57881"
Powered by MediaWiki