Moodle 2.6.11
Unsupported Moodle Version
This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.
You are encouraged to upgrade to a supported version of Moodle.
Release date: Monday, 11th May 2015
Here is the full list of fixed issues in 2.6.11.
Security issues
- MSA-15-0018 Quiz manual-grading is an XSS risk, but does not declare that
- MSA-15-0019 Possible phishing when redirecting to external site using referer header
- MSA-15-0020 User fullname disclosure through account confirmation link
- MSA-15-0022 Potential XSS risk when returning text entered by student from Web Services
- MSA-15-0023 Suspended user is able to login when confirming email
- MSA-15-0024 User with suspended enrolment can see sections in the navigation tree
- MSA-15-0025 Capability to manage own files is not respected in Web Services
Fixes and improvements
- MDL-50380 - Fixed missing parameter error when editing files in wiki