WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle Improper Input Validation Vulnerability (CVE-2011-4302)

Description

mnet/xmlrpc/client.php in MNET in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 does not properly process the return value of the openssl_verify function, which allows remote attackers to bypass validation via a crafted certificate.

Remediation

References

Related Vulnerabilities

Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-3725)

PHP Other Vulnerability (CVE-2016-4541)

WordPress Plugin HB AUDIO GALLERY LITE Arbitrary File Download (1.0.0)

Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.28)

WordPress Plugin Google Captcha (reCAPTCHA) by BestWebSoft Cross-Site Scripting (1.27)

Severity

Medium

Classification

CVE-2011-4302 CWE-20

Tags

Missing Update Known Vulnerabilities