CVE-2011-4203 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2011-4203 Interim 1 3 2021-06-09T09:05:12Z current 2021-05-30T13:00:35Z 2021-06-09T09:05:12Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2011-4203 CRLF injection vulnerability in calendar/set.php in the Calendar component in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, 2.1.x before 2.1.3, and 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors involving the url variable. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings CRLF injection vulnerability in calendar/set.php in the Calendar component in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, 2.1.x before 2.1.3, and 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors involving the url variable. CVE-2011-4203 moderate 5 AV:N/AC:L/Au:N/C:N/I:P/A:N