CVE-2011-4305

Name of the Vulnerable Software and Affected Versions Moodle versions 1.9.x through 1.9.13

Description The issue allows remote authenticated users to cause a denial of service, resulting in an infinite request loop. This is achieved by specifying a zero wait time for message refreshing in the message/refresh.php file.

Recommendations For Moodle versions 1.9.x through 1.9.13, update to version 1.9.14 or later to resolve the issue.