Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Moodle Permissions Privileges and Access Controls Vulnerability - CVE-2016-2190 - Vulnerability Database
Moodle

Moodle Permissions Privileges and Access Controls Vulnerability - CVE-2016-2190

Medium
Reference: CVE-2016-2190
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2016-2190
Title: Moodle Permissions Privileges and Access Controls Vulnerability
Overview:

Moodle through 2.6.11 2.7.x before 2.7.13 2.8.x before 2.8.11 2.9.x before 2.9.5 and 3.0.x before 3.0.3 does not properly restrict links which allows remote attackers to obtain sensitive URL information by reading a Referer log.