CVE-2011-4582

Priority
Medium
Description
Open redirect vulnerability in the Calendar set page in Moodle 2.1.x before
2.1.3 allows remote authenticated users to redirect users to arbitrary web
sites and conduct phishing attacks via a redirection URL.
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4582
Bugs
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652235
Package
Source: moodle (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):needed
Ubuntu 11.10 (Oneiric Ocelot):ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (1.9.9.dfsg2-5)
Ubuntu 12.10 (Quantal Quetzal):not-affected (1.9.9.dfsg2-5)
Ubuntu 13.04 (Raring Ringtail):not-affected (1.9.9.dfsg2-5)
Ubuntu 13.10 (Saucy Salamander):not-affected (1.9.9.dfsg2-5)
Patches:
Upstream:http://moodle.org/mod/forum/discuss.php?d=191748
More Information

Valid XHTML 1.0 Strict

Updated: 2013-05-09 15:15:56 UTC (commit 6824)