Skip to main content

Moodle 3.9.15

Unsupported Moodle Version
This version of Moodle is no longer supported for general bug fixes.
You are encouraged to upgrade to a supported version of Moodle.

Release date: 11 July 2022

Here is the full list of fixed issues in 3.9.15.

For developers

  • MDL-75084 - Add behat generators for blog entries
  • MDL-74613 - Add behat generators for grades grade
  • MDL-74674 - Add behat generator to create notification
  • MDL-74864 - Allow specifying forum discussion group in behat generators
  • MDL-74816 - Allow specifying default file's name in mod_resource generator

Security fixes

  • MSA-22-0015 - PostScript Code Injection / Remote code execution risk
  • MSA-22-0016 - Arbitrary file read when importing lesson questions
  • MSA-22-0017 - Stored XSS and blind SSRF possible via SCORM track details
  • MSA-22-0018 - Open redirect risk in mobile auto-login feature
  • MSA-22-0019 - LTI module reflected XSS risk - affecting unauthenticated users only
  • MSA-22-0020 - Upgrade moodle-mlbackend-python and update its reference in /lib/mlbackend/python/classes/processor.php (upstream)