Moodle 2.5.9

Unsupported Moodle Version

This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.

Release date: 10 November, 2014

Here is the full list of fixed issues in 2.5.9.

Security issues

MSA-14-0035 Headers not added to some AJAX scripts
MSA-14-0036 XSS in mapcourse script in Feedback module
MSA-14-0037 Weak temporary password generation
MSA-14-0039 Insufficient access check in LTI module
MSA-14-0040 Information leak in Database activity module
MSA-14-0041 Lack of capability check in tags list access
MSA-14-0042 Lack of access check in IP lookup functionality
MSA-14-0046 CSRF in LTI module
MSA-14-0047 Possible data loss in Wiki activity
MSA-14-0048 CSRF in forum tracking toggle
MSA-14-0049 Possible to print arbitrary message to user by modifying URL

Translations

Notes de mise à jour de Moodle 2.5.9
Notas de Moodle 2.5.9

Security issues​

Translations​

Security issues

Translations