VulnerableCode Vulnerability Details - VCID-7wfy-ub8w-zub2

Search for vulnerabilities

Vulnerability details: VCID-7wfy-ub8w-zub2

Essentials
Severities (9)
References (8)
Severity details (7)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-7wfy-ub8w-zub2
Aliases	CVE-2011-4298 GHSA-8hxm-42v5-66hm
Summary	Moodle vulnerable to Cross-Site Request Forgery Multiple cross-site request forgery (CSRF) vulnerabilities in mod/wiki/ components in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allow remote attackers to hijack the authentication of arbitrary users for requests that modify wiki data.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-352	Cross-Site Request Forgery (CSRF)
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
generic_textual	MODERATE	http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=48346fb11f8ced06a05c0618b02a3a925b34ec59
generic_textual	MODERATE	http://git.moodle.org/gw?p=moodle.git;a=commit;h=48346fb11f8ced06a05c0618b02a3a925b34ec59
generic_textual	MODERATE	http://moodle.org/mod/forum/discuss.php?d=188309
epss	0.00126	https://api.first.org/data/v1/epss?cve=CVE-2011-4298
epss	0.00126	https://api.first.org/data/v1/epss?cve=CVE-2011-4298
generic_textual	MODERATE	https://bugzilla.redhat.com/show_bug.cgi?id=747444
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-8hxm-42v5-66hm
generic_textual	MODERATE	https://git.moodle.org
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2011-4298

Reference id	Reference type	URL
		http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=48346fb11f8ced06a05c0618b02a3a925b34ec59
		http://git.moodle.org/gw?p=moodle.git;a=commit;h=48346fb11f8ced06a05c0618b02a3a925b34ec59
		http://moodle.org/mod/forum/discuss.php?d=188309
		https://api.first.org/data/v1/epss?cve=CVE-2011-4298
		https://bugzilla.redhat.com/show_bug.cgi?id=747444
		https://git.moodle.org
		https://nvd.nist.gov/vuln/detail/CVE-2011-4298
GHSA-8hxm-42v5-66hm		https://github.com/advisories/GHSA-8hxm-42v5-66hm

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.32906
EPSS Score	0.00126
Published At	June 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-01T12:30:00.079236+00:00	GithubOSV Importer	Import	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-8hxm-42v5-66hm/GHSA-8hxm-42v5-66hm.json	36.1.3