Moodle 4.3.9
Unsupported Moodle Version
This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.
You are encouraged to upgrade to a supported version of Moodle.
Release date: 9 December 2024
Here is the full list of fixed issues in 4.3.9.
Security fixes
- MSA-24-0051 - Unprotected access to sensitive information via learning plan web service
- MSA-24-0052 - Tag index page displays other users tagged with the selected tag
- MSA-24-0053 - Email change confirmation token available via preference
- MSA-24-0054 - Database activity issue in separate groups mode, for users not in a group
- MSA-24-0055 - Reflected XSS in question bank filter
- MSA-24-0056 - Potential denial of service risk due to guest sessions' longer timeout period