Moodle 2.2.8
Unsupported Moodle Version
This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.
You are encouraged to upgrade to a supported version of Moodle.
note
Because of a serious regression in the 2.2.8 release, Moodle 2.2.9 was release on Mon 18 March, 2013.
Release date: 11 March 2013
Here is the full list of fixed issues in 2.2.8.
Security issues
- MSA-13-0012 Information leak in course profiles
- MSA-13-0013 Server information revealed through exception messages
- MSA-13-0014 Password revealed in WebDav repository
- MSA-13-0015 Cross-site scripting issue in Filepicker
- MSA-13-0016 External Entity Injection through Zend library
- MSA-13-0017 Form manipulation issue in notes
- MSA-13-0018 Personal information leak through repositories
- MSA-13-0019 Unauthorised settings editing through WebDav repository
Fixes and improvements
- MDL-37774 - Moodle 1.9 to 2.x course restore now works with directory resources