Skip to main content

Moodle 3.9.15

Unsupported Moodle Version
This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.

Release date: 11 July 2022

Here is the full list of fixed issues in 3.9.15.

For developers

  • MDL-75084 - Add behat generators for blog entries
  • MDL-74613 - Add behat generators for grades grade
  • MDL-74674 - Add behat generator to create notification
  • MDL-74864 - Allow specifying forum discussion group in behat generators
  • MDL-74816 - Allow specifying default file's name in mod_resource generator

Security fixes

  • MSA-22-0015 - PostScript Code Injection / Remote code execution risk
  • MSA-22-0016 - Arbitrary file read when importing lesson questions
  • MSA-22-0017 - Stored XSS and blind SSRF possible via SCORM track details
  • MSA-22-0018 - Open redirect risk in mobile auto-login feature
  • MSA-22-0019 - LTI module reflected XSS risk - affecting unauthenticated users only
  • MSA-22-0020 - Upgrade moodle-mlbackend-python and update its reference in /lib/mlbackend/python/classes/processor.php (upstream)