Description

message/refresh.php in Moodle 1.9.x before 1.9.14 allows remote authenticated users to cause a denial of service (infinite request loop) via a URL that specifies a zero wait time for message refreshing.

Remediation

References

CVE-2011-4305

Related Vulnerabilities

PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1914)

WordPress Plugin WP-AutoYoutube 'index.php' Script SQL Injection (0.1)

WordPress Plugin Centrora Security Multiple Vulnerabilities (6.5.6)

MySQL CVE-2021-2305 Vulnerability (CVE-2021-2305)

PHP Resource Management Errors Vulnerability (CVE-2010-1861)

Severity

Medium

Classification

CVE-2011-4305

Tags

Missing Update Known Vulnerabilities