CVE-2011-4203

Опубликовано: 22 дек. 2011

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

CRLF injection vulnerability in calendar/set.php in the Calendar component in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, 2.1.x before 2.1.3, and 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors involving the url variable.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.9.5:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.9.6:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.9.7:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.9.8:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.9.9:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.9.10:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.9.11:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.9.12:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.9.13:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:1.9.14:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.3:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.4:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.5:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.0:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.00245

Низкий

5 Medium

CVSS2

Дефекты

CWE-94

Связанные уязвимости

CVE-2011-4203

ubuntu

больше 13 лет назад

GHSA-4w8m-96v9-2c86

github

около 3 лет назад

Moodle CRLF Injection Vulnerability in Calendar Component