Skip to main content

Moodle 1.9.6

Unsupported Moodle Version
This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.

Release date: 21st October 2009

Here is the full list of fixed issues in 1.9.6.


Security issues

  • MSA-09-0016 - Email not properly escaped on user edit page
  • MSA-09-0017 - Upgrade code in 1.9 does not escape tags properly
  • MSA-09-0018 - Incorrect escaping when updating first post in a single simple discussion forum type
  • MSA-09-0019 - SQL injection in update_record
  • MSA-09-0020 - Teachers can view students' grades in all courses in the overview report
  • MSA-09-0021 - Error in ADODB OCI8/MSSQL drivers allows SQL injection vulnerability

New language strings

  • MDL-20371 - publicsitefileswarning3 in moodle.php
  • MDL-19145 - several strings and a new help file. Please check CVS history.

New language packs

  • Marathi - Usha Deo
  • Urdu - Faisal Kaleem

(See Translation credits for additional details.)