Description

Cross-site request forgery (CSRF) vulnerability in Moodle 1.9.x before 1.9.11 allows remote attackers to hijack the authentication of unspecified victims for requests that modify an RSS feed in an RSS block.

Remediation

References

CVE-2011-4133

Related Vulnerabilities

Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-44310)

PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8375)

WordPress Plugin YITH WooCommerce Cart Messages Security Bypass (1.4.3)

WordPress Plugin Polo Video Gallery-Best wordpress video gallery Cross-Site Scripting (1.2)

PHP Improper Input Validation Vulnerability (CVE-2017-7189)

Severity

Medium

Classification

CVE-2011-4133 CWE-352

Tags

Missing Update Known Vulnerabilities