Description

Multiple cross-site request forgery (CSRF) vulnerabilities in mod/wiki/ components in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allow remote attackers to hijack the authentication of arbitrary users for requests that modify wiki data.

Remediation

References

CVE-2011-4298

Related Vulnerabilities

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1826)

WordPress Plugin Product Addons & Fields for WooCommerce Cross-Site Scripting (32.0.6)

WordPress Plugin Variation Swatches for WooCommerce Cross-Site Scripting (1.0.61)

Grafana Incorrect Authorization Vulnerability (CVE-2021-28146)

Magento CVE-2019-7876 Vulnerability (CVE-2019-7876)

Severity

Medium

Classification

CVE-2011-4298 CWE-352

Tags

Missing Update Known Vulnerabilities