Moderate severityNVD Advisory· Published Jul 11, 2012· Updated Apr 29, 2026
CVE-2011-4298
CVE-2011-4298
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in mod/wiki/ components in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allow remote attackers to hijack the authentication of arbitrary users for requests that modify wiki data.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
moodle/moodlePackagist | >= 2.0.0, < 2.0.5 | 2.0.5 |
moodle/moodlePackagist | >= 2.1.0, < 2.1.2 | 2.1.2 |
Affected products
7cpe:2.3:a:moodle:moodle:2.0.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:moodle:moodle:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- moodle.org/mod/forum/discuss.phpnvdPatchVendor AdvisoryWEB
- bugzilla.redhat.com/show_bug.cginvdPatchWEB
- github.com/advisories/GHSA-8hxm-42v5-66hmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2011-4298ghsaADVISORY
News mentions
0No linked articles in our index yet.