Skip to main content

Forums
Documentation
Downloads
Demo
Tracker
Development
Translation

What are you looking for?

Learn about Moodle's products, like Moodle LMS or Moodle Worplace, or find a Moodle Certified Service Provider.

Moodle.com

Our social network to share and curate open educational resources.

MoodleNet

Courses and programs to develop your skills as a Moodle educator, administrator, designer or developer.

Moodle Academy

Moodle.com
Learn about Moodle's products, like Moodle LMS or Moodle Worplace, or find a Moodle Certified Service Provider.

MoodleNet
Our social network to share and curate open educational resources.

Moodle Academy
Courses and programs to develop your skills as a Moodle educator, administrator, designer or developer.

Moodle 1.9.2

Unsupported Moodle Version

This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.

Release date: 11th July 2008

Here is the full list of fixed issues in 1.9.2.

Highlights

Compatibility fixes for MSSQL, Oracle and PostgreSQL
Improved triggering of core events (though contributed code needs to be updated - see MDL-9983)
Email change confirmation and other improvements relating to reducing the risk of spam
Forum subscription improvements
Setting for deleting not-fully-set-up accounts
Quiz report enhancements and bug fixes (see Quiz report enhancements for full list, though most are planned for Moodle 2.0)

Security issues

MSA-08-0010: sql injection in HotPot module
MSA-08-0012: Potential non-persistent XSS when searching for group members (MSSQL and Oracle only)
MSA-08-0014: potential sql injection in events handling code
MSA-08-0015: accessible profiles of deleted users
MSA-08-0016: Email could be changed in profile without confirmation

Translations

Highlights
Security issues
Translations