Moodle 2.3.10

Unsupported Moodle Version

This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.

Release date: 14 November 2013

Here is the full list of fixed issues in 2.3.10.

Security issues

• MSA-13-0036 Incorrect headers sent for secured resources
• MSA-13-0037 Cross site scripting in Messages
• MSA-13-0038 Access to server files through repository
• MSA-13-0039 Cross site scripting in Quiz
• MSA-13-0040 Cross site scripting vulnerability in YUI library

Fixes and improvements

• MDL-36818 - Setting for CURLOPT_SSL_VERIFYHOST in CAS fixed.

Translations

• Notes de mise à jour de Moodle 2.3.10
• Notas de Moodle 2.3.10