Vulnerability Database

314,373

Total vulnerabilities in the database

CVE-2016-2190

Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not properly restrict links, which allows remote attackers to obtain sensitive URL information by reading a Referer log.

  • Published: May 22, 2016
  • Updated: Nov 9, 2025
  • CVE: CVE-2016-2190
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

Software From Fixed in
Composer icon moodle / moodle 2.7.1 2.7.1.x
Composer icon moodle / moodle 2.8.3 2.8.3.x
Composer icon moodle / moodle 2.8.7 2.8.7.x
Composer icon moodle / moodle 2.7.6 2.7.6.x
Composer icon moodle / moodle 2.7.11 2.7.11.x
Composer icon moodle / moodle 2.7.2 2.7.2.x
Composer icon moodle / moodle 2.7.4 2.7.4.x
Composer icon moodle / moodle 2.9.4 2.9.4.x
Composer icon moodle / moodle 2.8.9 2.8.9.x
Composer icon moodle / moodle 2.7.9 2.7.9.x
Composer icon moodle / moodle 2.8.10 2.8.10.x
Composer icon moodle / moodle 2.8.4 2.8.4.x
Composer icon moodle / moodle 2.8.6 2.8.6.x
Composer icon moodle / moodle 3.0.2 3.0.2.x
Composer icon moodle / moodle 2.7.12 2.7.12.x
Composer icon moodle / moodle - 2.6.11.x
Composer icon moodle / moodle 2.7.10 2.7.10.x
Composer icon moodle / moodle 2.7.5 2.7.5.x
Composer icon moodle / moodle 3.0.1 3.0.1.x
Composer icon moodle / moodle 2.7.3 2.7.3.x
Composer icon moodle / moodle 2.8.8 2.8.8.x
Composer icon moodle / moodle 2.7.0 2.7.0.x
Composer icon moodle / moodle 3.0.0 3.0.0.x
Composer icon moodle / moodle 2.9.1 2.9.1.x
Composer icon moodle / moodle 2.8.1 2.8.1.x
Composer icon moodle / moodle 2.8.5 2.8.5.x
Composer icon moodle / moodle 2.9.2 2.9.2.x
Composer icon moodle / moodle 2.7.8 2.7.8.x
Composer icon moodle / moodle 2.9.3 2.9.3.x
Composer icon moodle / moodle 2.8.2 2.8.2.x
Composer icon moodle / moodle 2.7.7 2.7.7.x
Composer icon moodle / moodle 2.8.0 2.8.0.x
Composer icon moodle / moodle 2.9.0 2.9.0.x