Description

Cross-site request forgery (CSRF) vulnerability in Moodle 1.9.x before 1.9.11 allows remote attackers to hijack the authentication of unspecified victims for requests that modify an RSS feed in an RSS block.

Remediation

References

CVE-2011-4133

Related Vulnerabilities

Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-6211)

WordPress 4.0.x Arbitrary File Deletion Vulnerability (4.0 - 4.0.23)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3531)

WordPress Plugin Free counter Cross-Site Scripting (1.1)

WordPress Plugin OSM-OpenStreetMap SQL Injection (6.0.2)

Severity

Medium

Classification

CVE-2011-4133 CWE-352

Tags

Missing Update Known Vulnerabilities