Description
CRLF injection vulnerability in calendar/set.php in the Calendar subsystem in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin Form Vibes-Database Manager for Forms Unspecified Vulnerability (1.4.2)
e107 Other Vulnerability (CVE-2004-2040)
WordPress Plugin SodaHead Polls Multiple Cross-Site Scripting Vulnerabilities (2.0.2)
WordPress Plugin Advanced Text Widget 'page' Parameter Cross-Site Scripting (2.0.0)
WordPress Plugin JS Job Manager Unspecified Vulnerability (1.0.9)