CRLF injection vulnerability in calendar/set.php in the Calendar component in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, 2.1.x before 2.1.3, and 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors involving the url variable.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2011-12-22T15:00:00Z
Updated: 2024-09-17T02:15:46.052Z
Reserved: 2011-10-26T00:00:00Z
Link: CVE-2011-4203
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2011-12-22T15:29:20.093
Modified: 2020-12-01T14:43:58.053
Link: CVE-2011-4203
Redhat
No data.