Description
message/refresh.php in Moodle 1.9.x before 1.9.14 allows remote authenticated users to cause a denial of service (infinite request loop) via a URL that specifies a zero wait time for message refreshing.
Remediation
References
Related Vulnerabilities
WordPress Plugin CF7 Manual Spam Blocker Privilege Escalation (1.0)
TCExam Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-5743)
WordPress Plugin WooCommerce Customers Manager Unspecified Vulnerability (26.6)
WordPress Plugin WP-Polls Cross-Site Scripting (2.73)
WordPress Plugin WP Accessibility Cross-Site Scripting (1.6.10)