QwikSec

Security Database

CVE

CWE

Training

CVE-2011-4586

Published: Jul 20, 2012

Modified: Aug 7, 2024

PUBLISHED

Description

CRLF injection vulnerability in calendar/set.php in the Calendar subsystem in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugzilla.redhat.com/show_bug.cgi?id=761248

x_refsource_CONFIRM

http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=581e8dba387f090d89382115fd850d8b44351526

x_refsource_CONFIRM

vendor-advisory

x_refsource_DEBIAN

http://moodle.org/mod/forum/discuss.php?d=191754

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.