CVE-2011-4301 in Moodleinfo

Summary

The MoodleQuickForm class in the Forms Library in lib/formslib.php in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 does not recognize Forms API setConstant operations, which allows remote attackers to submit unexpected form content by modifying the values of constant fields.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

11/04/2011

Disclosure

07/11/2012

Moderation

VulDB entry created

Entries

CPE

ready

CWE

Unknown

CVSS

5.3

EPSS

0.00274

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-4301
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-4301
CVE Details	https://www.cvedetails.com/cve/CVE-2011-4301/

◂ Previous Overview Next ▸