Information Disclosure Vulnerability in Moodle
CVE-2016-2190 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not properly restrict links, which allows remote attackers to obtain sensitive URL information by reading a Referer log.
Learn more about our Web Application Penetration Testing UK.