Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2011-4293

The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 triggers duplicate caching of Cascading Style Sheets (CSS) and JavaScript content, which allows remote attackers to bypass intended access restrictions and write to an operating-system temporary directory via unspecified vectors.

  • Published: Jul 16, 2012
  • Updated: Apr 13, 2023
  • CVE: CVE-2011-4293
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.4
  • AV:N/AC:L/Au:N/C:N/I:P/A:P

CWEs:

Software From Fixed in
moodle / moodle 2.0.2 2.0.2.x
moodle / moodle 2.0.1 2.0.1.x
moodle / moodle 2.0.3 2.0.3.x
moodle / moodle 2.0.0 2.0.0.x
moodle / moodle 2.1.0 2.1.0.x