Moodle · Moodle · CVE-2011-4305
**Name of the Vulnerable Software and Affected Versions**
Moodle versions 1.9.x through 1.9.13
**Description**
The issue allows remote authenticated users to cause a denial of service, resulting in an infinite request loop. This is achieved by specifying a zero wait time for message refreshing in the `message/refresh.php` file.
**Recommendations**
For Moodle versions 1.9.x through 1.9.13, update to version 1.9.14 or later to resolve the issue.