CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
EPSS
Percentile
69.4%
message/refresh.php in Moodle 1.9.x before 1.9.14 allows remote
authenticated users to cause a denial of service (infinite request loop)
via a URL that specifies a zero wait time for message refreshing.