CVE-2011-4582
Moodle 2.1-2.1.2 - Authenticated Open Redirect via Calendar Set Page
Title source: llmDescription
Open redirect vulnerability in the Calendar set page in Moodle 2.1.x before 2.1.3 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a redirection URL.
References (3)
Core 3
Core References
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=761248
Patch x_refsource_confirm
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-28720&sr=1
Patch, Vendor Advisory x_refsource_confirm
http://moodle.org/mod/forum/discuss.php?d=191748
Scores
EPSS
0.0016
EPSS Percentile
36.5%
Details
CWE
CWE-20
Status
published
Products (4)
moodle/moodle
2.1.0
moodle/moodle
2.1.1
moodle/moodle
2.1.2
moodle/moodle
2.1 - 2.1.3Packagist
Published
Jul 20, 2012
Tracked Since
Feb 18, 2026