CVE-2011-4294: Input Validation
First published: Mon Jul 16 2012(Updated: )
The error-message functionality in Moodle 1.9.x before 1.9.13, 2.0.x before 2.0.4, and 2.1.x before 2.1.1 does not ensure that a continuation link refers to an http or https URL for the local Moodle instance, which might allow attackers to trick users into visiting arbitrary web sites via error message links that lead offsite.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| composer/moodle/moodle | >=2.1<2.1.1 | 2.1.1 |
| composer/moodle/moodle | >=2.0<2.0.4 | 2.0.4 |
| composer/moodle/moodle | <1.9.13 | 1.9.13 |
| Moodle | =1.9.1 | |
| Moodle | =1.9.2 | |
| Moodle | =1.9.3 | |
| Moodle | =1.9.4 | |
| Moodle | =1.9.5 | |
| Moodle | =1.9.6 | |
| Moodle | =1.9.7 | |
| Moodle | =1.9.8 | |
| Moodle | =1.9.9 | |
| Moodle | =1.9.10 | |
| Moodle | =1.9.11 | |
| Moodle | =1.9.12 | |
| Moodle | =2.0.0 | |
| Moodle | =2.0.1 | |
| Moodle | =2.0.2 | |
| Moodle | =2.0.3 | |
| Moodle | =2.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://nvd.nist.gov/vuln/detail/CVE-2011-4294
- http://git.moodle.org/gw?p=moodle.git;a=commit;h=8f9f666c902cb30ef6f519353f38c45a29fdf4a6
- http://moodle.org/mod/forum/discuss.php?d=182737
- http://openwall.com/lists/oss-security/2011/11/14/1
- https://github.com/moodle/moodle/commit/18c2fcf8f19e00f0e89421d8fd8b7486a6dc6f79
- https://github.com/moodle/moodle/commit/417fdfab6bbdcfc3f5b64704ec06912ae9cd1050
- https://github.com/moodle/moodle/commit/8f9f666c902cb30ef6f519353f38c45a29fdf4a6
- https://github.com/advisories/GHSA-hxmp-8f47-x9fc (Advisory)
- http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=8f9f666c902cb30ef6f519353f38c45a29fdf4a6
Frequently Asked Questions
What is the severity of CVE-2011-4294?
CVE-2011-4294 is considered a medium-severity vulnerability due to its ability to deceive users into visiting malicious websites.
How do I fix CVE-2011-4294?
To fix CVE-2011-4294, upgrade to Moodle versions 1.9.13, 2.0.4, or 2.1.1, which contain the necessary security patches.
What software is affected by CVE-2011-4294?
CVE-2011-4294 affects Moodle versions 1.9.x before 1.9.13, 2.0.x before 2.0.4, and 2.1.x before 2.1.1.
What types of attacks can exploit CVE-2011-4294?
CVE-2011-4294 can be exploited to carry out phishing attacks by redirecting users from error messages to malicious external sites.
Is there a workaround for CVE-2011-4294?
As a workaround for CVE-2011-4294, users should avoid clicking on links in error messages until they can upgrade to the patched versions.
- agent/type
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-hxmp-8f47-x9fc
- alias/CVE-2011-4294
- agent/software-canonical-lookup
- agent/weakness
- agent/severity
- agent/remedy
- agent/description
- agent/references
- agent/author
- agent/softwarecombine
- collector/github-advisory
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/trending
- agent/source
- agent/tags
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-index
- collector/nvd-historical
- package-manager/composer
- vendor/moodle
- canonical/moodle
- version/moodle/1.9.1
- version/moodle/1.9.2
- version/moodle/1.9.3
- version/moodle/1.9.4
- version/moodle/1.9.5
- version/moodle/1.9.6
- version/moodle/1.9.7
- version/moodle/1.9.8
- version/moodle/1.9.9
- version/moodle/1.9.10
- version/moodle/1.9.11
- version/moodle/1.9.12
- version/moodle/2.0.0
- version/moodle/2.0.1
- version/moodle/2.0.2
- version/moodle/2.0.3
- version/moodle/2.1.0