← back
CVE-2011-4293

CVE-2011-4293

EPSS 2.4%
The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 triggers duplicate caching of Cascading Style Sheets (CSS) and JavaScript content, which allows remote attackers to bypass intended access restrictions and write to an operating-system temporary directory via unspecified vectors.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=e1c2a211f259821910be2cba23679d4176fb00a3http://moodle.org/mod/forum/discuss.php?d=182736http://openwall.com/lists/oss-security/2011/11/14/1