Caching Vulnerability in Moodle Allows Unauthorized Write Access to Temporary Directory
CVE-2011-4293 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:P/A:P
The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 triggers duplicate caching of Cascading Style Sheets (CSS) and JavaScript content, which allows remote attackers to bypass intended access restrictions and write to an operating-system temporary directory via unspecified vectors.
Learn more about our Web Application Penetration Testing UK.