CVE-2011-4281

moodle 2.0.0-2.0.2 - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 2.0.x before 2.0.2 allow remote attackers to hijack the authentication of arbitrary users for requests that mark the completion of (1) an activity or (2) a course.

References (3)

Core 3

Scores

EPSS 0.0101
EPSS Percentile 58.9%

Details

CWE
CWE-352
Status published
Products (3)
moodle/moodle 2.0.0
moodle/moodle 2.0.1
moodle/moodle 2.0.0 - 2.0.2Packagist
Published Jul 16, 2012
Tracked Since Feb 18, 2026