Description

lib/formslib.php in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 does not properly handle multiple instances of a form element, which has unspecified impact and remote attack vectors.

Remediation

References

CVE-2012-0801

Related Vulnerabilities

Internet Information Services Other Vulnerability (CVE-2001-1243)

WordPress Plugin Twitter Button by BestWebSoft Cross-Site Scripting (2.54)

WordPress Plugin Simple:Press 'sf-header-forum.php' SQL Injection (4.3.0)

Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6074)

Microsoft SQL Server Other Vulnerability (CVE-2002-0224)

Severity

High

Classification

CVE-2012-0801 CWE-20

Tags

Missing Update Known Vulnerabilities