Moderate severityNVD Advisory· Published Jul 16, 2012· Updated Apr 29, 2026
CVE-2011-4133
CVE-2011-4133
Description
Cross-site request forgery (CSRF) vulnerability in Moodle 1.9.x before 1.9.11 allows remote attackers to hijack the authentication of unspecified victims for requests that modify an RSS feed in an RSS block.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
moodle/moodlePackagist | >= 1.9.0, < 1.9.11 | 1.9.11 |
Affected products
10cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.9.9:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- moodle.org/mod/forum/discuss.phpnvdVendor AdvisoryWEB
- github.com/advisories/GHSA-7cvw-wrj9-q5fpghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2011-4133ghsaADVISORY
- openwall.com/lists/oss-security/2011/11/14/1nvdWEB
News mentions
0No linked articles in our index yet.