Description
message/refresh.php in Moodle 1.9.x before 1.9.14 allows remote authenticated users to cause a denial of service (infinite request loop) via a URL that specifies a zero wait time for message refreshing.
Remediation
References
Related Vulnerabilities
RubyGems Improper Input Validation Vulnerability (CVE-2017-0900)
Chamilo Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-38745)
WordPress Plugin Polldaddy Polls & Ratings Cross-Site Scripting (2.0.31)
Joomla! Core Information Disclosure (1.5.0 - 3.7.5)
WordPress Plugin Custom CSS Pro Cross-Site Request Forgery (1.0.3)