Description

The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 triggers duplicate caching of Cascading Style Sheets (CSS) and JavaScript content, which allows remote attackers to bypass intended access restrictions and write to an operating-system temporary directory via unspecified vectors.

Remediation

References

CVE-2011-4293

Related Vulnerabilities

WordPress Plugin Shareaholic-share buttons, related posts, social analytics & more Cross-Site Scripting (7.6.0.9)

Joomla! Core Multiple Vulnerabilities (2.5.0 - 3.10.6)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6380)

WordPress Plugin Authorize.net Payment Gateway For WooCommerce Security Bypass (2.0)

WordPress Plugin FireStorm Professional Real Estate 'id' Parameter SQL Injection (2.06.03)

Severity

Medium

Classification

CVE-2011-4293 CWE-264

Tags

Missing Update Known Vulnerabilities