Description

The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 triggers duplicate caching of Cascading Style Sheets (CSS) and JavaScript content, which allows remote attackers to bypass intended access restrictions and write to an operating-system temporary directory via unspecified vectors.

Remediation

References

CVE-2011-4293

Related Vulnerabilities

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4295)

WordPress Plugin WP Survey And Quiz Tool 'rowcount' Parameter Cross-Site Scripting (2.9.2)

PHP Data Processing Errors Vulnerability (CVE-2015-4147)

Zenphoto Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-36079)

MediaWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-34750)

Severity

Medium

Classification

CVE-2011-4293 CWE-264

Tags

Missing Update Known Vulnerabilities