Moderate severityNVD Advisory· Published Jul 16, 2012· Updated Jun 16, 2026
CVE-2011-4133
CVE-2011-4133
Description
Cross-site request forgery (CSRF) vulnerability in Moodle 1.9.x before 1.9.11 allows remote attackers to hijack the authentication of unspecified victims for requests that modify an RSS feed in an RSS block.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
moodle/moodlePackagist | >= 1.9.0, < 1.9.11 | 1.9.11 |
Affected products
11cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.9:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
6- moodle.org/mod/forum/discuss.phpnvdVendor AdvisoryWEB
- github.com/advisories/GHSA-7cvw-wrj9-q5fpghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2011-4133ghsaADVISORY
- git.moodle.org/gwnvdWEB
- git.moodle.org/gwghsaWEB
- openwall.com/lists/oss-security/2011/11/14/1nvdWEB
News mentions
0No linked articles in our index yet.