Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not properly restrict links, which allows remote attackers to obtain sensitive URL information by reading a Referer log.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2016-05-22T20:00:00
Updated: 2024-08-05T23:24:48.267Z
Reserved: 2016-01-29T00:00:00
Link: CVE-2016-2190
Vulnrichment
No data.
NVD
Status : Modified
Published: 2016-05-22T20:59:09.117
Modified: 2020-12-01T14:54:51.107
Link: CVE-2016-2190
Redhat
No data.