Moodle 3.7.7 release notes: Difference between revisions
From MoodleDocs
mNo edit summary |
|||
Line 19: | Line 19: | ||
==Security fixes== | ==Security fixes== | ||
* [https://moodle.org/mod/forum/discuss.php?d=407392 MSA-20-0008] Reflected XSS in admin task logs filter | |||
* [https://moodle.org/mod/forum/discuss.php?d=407393 MSA-20-0009] Course enrolments allowed privilege escalation from teacher role into manager role | |||
* [https://moodle.org/mod/forum/discuss.php?d=407394 MSA-20-0010] yui_combo should mitigate denial of service risk | |||
==See also== | ==See also== |
Revision as of 07:20, 20 July 2020
Releases > Moodle 3.7.7 release notes
Release date: 13 July 2020
Here is the full list of fixed issues in 3.7.7.
General fixes and improvements
- MDL-68864 - Clear my choice for single answer multiple choice questions is erratic
- MDL-66917 - No validation that uploaded (from zip) plugin has higher version than installed
- MDL-69002 - Backpack authenticate check called too regularly for admin
- MDL-68847 - Fix missing variable bug with link dnd code
- MDL-68733 - quiz random question tags are deleted accidentally on entire site
Security improvements
- MDL-68631 - Cron current user may not be reset between scheduled tasks
Security fixes
- MSA-20-0008 Reflected XSS in admin task logs filter
- MSA-20-0009 Course enrolments allowed privilege escalation from teacher role into manager role
- MSA-20-0010 yui_combo should mitigate denial of service risk