VulnerableCode Vulnerability Details - VCID-hum9-nt6p-6kde

Search for vulnerabilities

Vulnerability details: VCID-hum9-nt6p-6kde

Essentials
Severities (11)
References (10)
Severity details (9)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-hum9-nt6p-6kde
Aliases	CVE-2011-4293 GHSA-wxvp-8q8h-r6rr
Summary	Moodle Double-Caches Content, Potentially Writing to a File System's Tmp Directory The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 triggers duplicate caching of Cascading Style Sheets (CSS) and JavaScript content, which allows remote attackers to bypass intended access restrictions and write to an operating-system temporary directory via unspecified vectors.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (4)

CWE-379	Creation of Temporary File in Directory with Insecure Permissions
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-264	Permissions, Privileges, and Access Controls
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
generic_textual	MODERATE	http://git.moodle.org/gw?p=moodle.git;a=commit;h=e1c2a211f259821910be2cba23679d4176fb00a3
generic_textual	MODERATE	http://moodle.org/mod/forum/discuss.php?d=182736
generic_textual	MODERATE	http://openwall.com/lists/oss-security/2011/11/14/1
epss	0.00195	https://api.first.org/data/v1/epss?cve=CVE-2011-4293
epss	0.00632	https://api.first.org/data/v1/epss?cve=CVE-2011-4293
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-wxvp-8q8h-r6rr
generic_textual	MODERATE	https://github.com/moodle/moodle
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/05f4555422278190ec24a88466ac43c914a7e5d6
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/9a380fbb53429713b3c422a3146456dc97205329
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/e1c2a211f259821910be2cba23679d4176fb00a3
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2011-4293

Reference id	Reference type	URL
		http://git.moodle.org/gw?p=moodle.git;a=commit;h=e1c2a211f259821910be2cba23679d4176fb00a3
		http://moodle.org/mod/forum/discuss.php?d=182736
		http://openwall.com/lists/oss-security/2011/11/14/1
		https://api.first.org/data/v1/epss?cve=CVE-2011-4293
		https://github.com/moodle/moodle
		https://github.com/moodle/moodle/commit/05f4555422278190ec24a88466ac43c914a7e5d6
		https://github.com/moodle/moodle/commit/9a380fbb53429713b3c422a3146456dc97205329
		https://github.com/moodle/moodle/commit/e1c2a211f259821910be2cba23679d4176fb00a3
		https://nvd.nist.gov/vuln/detail/CVE-2011-4293
GHSA-wxvp-8q8h-r6rr		https://github.com/advisories/GHSA-wxvp-8q8h-r6rr

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.41879
EPSS Score	0.00195
Published At	July 4, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-01T12:30:11.814271+00:00	GithubOSV Importer	Import	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-wxvp-8q8h-r6rr/GHSA-wxvp-8q8h-r6rr.json	36.1.3