Skip to main content

Forums
Documentation
Downloads
Demo
Tracker
Development
Translation

What are you looking for?

Learn about Moodle's products, like Moodle LMS or Moodle Worplace, or find a Moodle Certified Service Provider.

Moodle.com

Our social network to share and curate open educational resources.

MoodleNet

Courses and programs to develop your skills as a Moodle educator, administrator, designer or developer.

Moodle Academy

Moodle.com
Learn about Moodle's products, like Moodle LMS or Moodle Worplace, or find a Moodle Certified Service Provider.

MoodleNet
Our social network to share and curate open educational resources.

Moodle Academy
Courses and programs to develop your skills as a Moodle educator, administrator, designer or developer.

Moodle 2.5.7

Release date: 14 July, 2014

Here is the full list of fixed issues in 2.5.7.

Highlights

MDL-41383 - File picker works when zooming in and out of browser

Security issues

MSA-14-0020 Identity confusion in Shibboleth authentication
MSA-14-0021 Code injection in Repositories
MSA-14-0022 XML External Entity vulnerability in LTI module
MSA-14-0023 XML External Entity vulnerability in IMSCC and IMSCP
MSA-14-0024 Cross-site scripting vulnerability in profile field
MSA-14-0025 Remote code execution in Quiz
MSA-14-0026 Information leak in profile and notes pages
MSA-14-0027 Forum group posting issue
MSA-14-0028 Cross-site scripting possible in external badges
MSA-14-0029 Cross-site scripting vulnerability in exception dialogues
MSA-14-0032 Cross-site scripting in advanced grading methods

Translations

Highlights
Security issues
Translations