This version of Moodle is no longer fully supported. Generally, only fixes to serious security issues have been applied to this version. You are encouraged to upgrade to a fully supported version of Moodle.

Releases > Moodle 2.3.8 release notes

Release date: 8 July 2013

Here is the full list of fixed issues in 2.3.8.

Security issues

A number of security related issues were resolved.

• MSA-13-0025 XSS vulnerability in YUI library
• MSA-13-0026 Personal information leak in IMS-LTI
• MSA-13-0027 Access issue in Chat module
• MSA-13-0028 Answer information revealed in Lesson activity
• MSA-13-0030 Information leak through RSS
• MSA-13-0031 Personal information leak in Feedback activity

Fixes and improvements

• MDL-39363 - SCORM pass/fail status is set for a grade of 0.
• MDL-39177 - Overwriting files always observes the "alias" attribute.
• MDL-33719 - When overwriting a copy of a file with an alias/shortcut of a file, the file thumbnail is refreshed.
• MDL-40142 - No JavaScript error is caused by the navigation block in relation to course categories.
• MDL-39512 - The manual graded question behaviour has been disabled by default.

See also

• Moodle 2.3.7 release notes