Skip to main content

Forums
Documentation
Downloads
Demo
Tracker
Development
Translation

What are you looking for?

Learn about Moodle's products, like Moodle LMS or Moodle Worplace, or find a Moodle Certified Service Provider.

Moodle.com

Our social network to share and curate open educational resources.

MoodleNet

Courses and programs to develop your skills as a Moodle educator, administrator, designer or developer.

Moodle Academy

Moodle.com
Learn about Moodle's products, like Moodle LMS or Moodle Worplace, or find a Moodle Certified Service Provider.

MoodleNet
Our social network to share and curate open educational resources.

Moodle Academy
Courses and programs to develop your skills as a Moodle educator, administrator, designer or developer.

Moodle 4.0.10

Unsupported Moodle Version

This version of Moodle is no longer supported for general bug fixes.
You are encouraged to upgrade to a supported version of Moodle.

Release date: 14 August 2023

Here is the full list of fixed issues in 4.0.10.

General fixes and improvements

MDL-78488 - Question bank statistics still being pulled/loaded when associated columns disabled
MDL-77525 - Add text filtering stages

Security fixes

MSA-23-0019 - Proxy bypass risk due to insufficient validation
MSA-23-0020 - Remote code execution risk when parsing malformed file repository reference
MSA-23-0021 - Some block permissions on Dashboard not respected
MSA-23-0023 - Stored self-XSS escalated to stored XSS via OAuth 2 login
MSA-23-0025 - phpCAS library upgraded to 1.6.0 (upstream)
MSA-23-0026 - IDOR in message processor fragments allows fetching of other users' data
MSA-23-0028 - Open redirect risk on admin view all policies page
MSA-23-0029 - Competency framework tools are not restricted as intended
MSA-23-0030 - Quiz sequential navigation bypass possible

General fixes and improvements
Security fixes