CVE-2011-4133

Moodle 1.9.0-1.9.10 - Cross-Site Request Forgery via RSS Block Feed Modification

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in Moodle 1.9.x before 1.9.11 allows remote attackers to hijack the authentication of unspecified victims for requests that modify an RSS feed in an RSS block.

References (3)

Core 3

Scores

EPSS 0.0101
EPSS Percentile 58.9%

Details

CWE
CWE-352
Status published
Products (11)
moodle/moodle 1.9.1
moodle/moodle 1.9.2
moodle/moodle 1.9.3
moodle/moodle 1.9.4
moodle/moodle 1.9.5
moodle/moodle 1.9.6
moodle/moodle 1.9.7
moodle/moodle 1.9.8
moodle/moodle 1.9.9
moodle/moodle 1.9.10
... and 1 more
Published Jul 16, 2012
Tracked Since Feb 18, 2026