Moodle 4.1.19
Unsupported Moodle Version
This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.
You are encouraged to upgrade to a supported version of Moodle.
Release date: 9 June 2025
Here is the full list of fixed issues in 4.1.19.
General fixes and improvements
- MDL-84793 - Behat: Allow CLI scripts to run on Behat instance
Security fixes
- MSA-25-0030 - Password can be revealed in login page after log out due to caching
- MSA-25-0031 - Upgrade ADOdb including security fix (upstream)
- MSA-25-0032 - SSRF risk via DNS rebind
- MSA-25-0033 - Course visibility not honoured consistently
- MSA-25-0034 - CSRF risk in badges backpack management
- MSA-25-0035 - Missing authorisation checks in BigBlueButton view page
- MSA-25-0036 - IDOR allows fetching of recently accessed courses for other users via web service