Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Moodle Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2011-4203 - Vulnerability Database
Moodle

Moodle Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2011-4203

Medium
Reference: CVE-2011-4203
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2011-4203
Title: Moodle Improper Control of Generation of Code (Code Injection) Vulnerability
Overview:

CRLF injection vulnerability in calendar/set.php in the Calendar component in Moodle 1.9.x before 1.9.15 2.0.x before 2.0.6 2.1.x before 2.1.3 and 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors involving the url variable.