VIR Vulnerability Intelligence Relay

CVE-2011-4294

medium
Published 2012-07-16 · Modified 2024-01-17
CVSS v3
CVSS v2
5.8
VIR risk
5.8

Description

Moodle Open Redirect Via Error Messages

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: secalert@redhat.com — http://moodle.org/mod/forum/discuss.php?d=182737

Package impact
EcosystemPackageVulnerableFixed
php Packagistmoodle/moodle<1.9.131.9.13
php Packagistmoodle/moodle>=2.0,<2.0.42.0.4
php Packagistmoodle/moodle>=2.1,<2.1.12.1.1

Application impact
VendorProductVersionsFixed
moodlemoodle1.9.1
moodlemoodle1.9.2
moodlemoodle1.9.3
moodlemoodle1.9.4
moodlemoodle1.9.5
moodlemoodle1.9.6
moodlemoodle1.9.7
moodlemoodle1.9.8
moodlemoodle1.9.9
moodlemoodle1.9.10
moodlemoodle1.9.11
moodlemoodle1.9.12
moodlemoodle2.0.0
moodlemoodle2.0.1
moodlemoodle2.0.2
moodlemoodle2.0.3
moodlemoodle2.1.0

References

CWEs

CWE-20

Verify integrity in audit chain (admin only). AS-IS.