6.4
CVSSv2

CVE-2011-4293

Published: 16/07/2012 Updated: 16/07/2012
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
VMScore: 570
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P

Vulnerability Summary

The theme implementation in Moodle 2.0.x prior to 2.0.4 and 2.1.x prior to 2.1.1 triggers duplicate caching of Cascading Style Sheets (CSS) and JavaScript content, which allows remote malicious users to bypass intended access restrictions and write to an operating-system temporary directory via unspecified vectors.

Affected Products

Vendor Product Versions
MoodleMoodle2.0, 2.0.1, 2.0.2, 2.0.3, 2.1