Moderate severityNVD Advisory· Published Jul 20, 2012· Updated Apr 29, 2026

CVE-2011-4582

Description

Open redirect vulnerability in the Calendar set page in Moodle 2.1.x before 2.1.3 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a redirection URL.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
moodle/moodlePackagist	>= 2.1, < 2.1.3	2.1.3

Affected products

Moodle/Moodle3 versions
cpe:2.3:a:moodle:moodle:2.1.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:moodle:moodle:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.2:*:*:*:*:*:*:*
ghsa-coords
pkg:composer/moodle/moodle
Range: >= 2.1, < 2.1.3

Patches

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

moodle.org/mod/forum/discuss.phpnvdPatchVendor AdvisoryWEB
github.com/advisories/GHSA-jcrj-x36p-h9f6ghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2011-4582ghsaADVISORY
bugzilla.redhat.com/show_bug.cginvdWEB
github.com/moodle/moodle/commit/0d2672748c00181d9cdae2aabbab916cbd64c47dghsaWEB
github.com/moodle/moodle/commit/21e7d4c5fc9cc5df54c9c7d82190f1339d163a9eghsaWEB
github.com/moodle/moodle/commit/7f422374c101dcb0affdd5127b855671af4f3748ghsaWEB
github.com/moodle/moodle/commit/eb59a448f7879d69b21fcde7f1fcddd69655e045ghsaWEB

News mentions

No linked articles in our index yet.

cvss	0.260
epss	0.001
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000