1
Candidate: CVE-2016-2190
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2190
5
https://moodle.org/mod/forum/discuss.php?d=330181
7
Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x
8
before 2.9.5, and 3.0.x before 3.0.3 does not properly restrict links,
9
which allows remote attackers to obtain sensitive URL information by
10
reading a Referer log.
15
Discovered-by: Hugh Davenport
19
upstream_moodle: released (2.7.13+dfsg-1)
20
precise_moodle: ignored (reached end-of-life)
21
precise/esm_moodle: DNE (precise was needs-triage)
22
trusty_moodle: needs-triage
23
vivid/stable-phone-overlay_moodle: DNE
24
vivid/ubuntu-core_moodle: DNE
25
wily_moodle: ignored (reached end-of-life)
26
xenial_moodle: needs-triage
27
yakkety_moodle: ignored (reached end-of-life)
28
zesty_moodle: ignored (reached end-of-life)
29
artful_moodle: needs-triage
30
bionic_moodle: needs-triage
31
devel_moodle: needs-triage