CVE-2016-2190
- Source
- https://cve.org/CVERecord?id=CVE-2016-2190
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-2190.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2016-2190
- Aliases
- Related
- Published
- 2016-05-22T20:59:09.117Z
- Modified
- 2026-04-11T16:22:56.394987Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not properly restrict links, which allows remote attackers to obtain sensitive URL information by reading a Referer log.
- References
Affected packages
Git / github.com/moodle/moodle
Affected ranges
- Type
- GIT
- Repo
- https://github.com/moodle/moodle
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected
- Database specific
{ "extracted_events": [ { "introduced": "0" }, { "last_affected": "2.6.11" }, { "last_affected": "2.7.0" }, { "last_affected": "2.7.1" }, { "last_affected": "2.7.2" }, { "last_affected": "2.7.3" }, { "last_affected": "2.7.4" }, { "last_affected": "2.7.5" }, { "last_affected": "2.7.6" }, { "last_affected": "2.7.7" }, { "last_affected": "2.7.8" }, { "last_affected": "2.7.9" }, { "last_affected": "2.7.10" }, { "last_affected": "2.7.11" }, { "last_affected": "2.7.12" }, { "last_affected": "2.8.0" }, { "last_affected": "2.8.1" }, { "last_affected": "2.8.2" }, { "last_affected": "2.8.3" }, { "last_affected": "2.8.4" }, { "last_affected": "2.8.5" }, { "last_affected": "2.8.6" }, { "last_affected": "2.8.7" }, { "last_affected": "2.8.8" }, { "last_affected": "2.8.9" }, { "last_affected": "2.8.10" }, { "last_affected": "2.9.0" }, { "last_affected": "2.9.1" }, { "last_affected": "2.9.2" }, { "last_affected": "2.9.3" }, { "last_affected": "2.9.4" }, { "last_affected": "3.0.0" }, { "last_affected": "3.0.1" }, { "last_affected": "3.0.2" } ], "source": "CPE_FIELD", "cpe": [ "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.7.7:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.7.8:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.7.9:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.7.10:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.7.11:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.7.12:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.8.7:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.8.8:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.8.9:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.8.10:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:2.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:3.0.2:*:*:*:*:*:*:*" ] }
Affected versions
v1.*
v1.0.0
v1.0.1
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.0.7
v1.0.8
v1.0.9
v1.1.0
v1.1.1
v1.2.0
v1.2.1
v1.3.0
v2.*
v2.0.0
v2.0.0-rc1
v2.0.0-rc2
v2.0.1
v2.1.0
v2.2.0
v2.2.0-beta
v2.2.0-rc1
v2.3.0
v2.3.0-beta
v2.3.0-rc1
v2.4.0
v2.4.0-beta
v2.4.0-rc1
v2.5.0
v2.5.0-beta
v2.5.0-rc1
v2.6.0
v2.6.0-beta
v2.6.0-rc1
v2.6.1
v2.6.10
v2.6.11
v2.6.2
v2.6.3
v2.6.4
v2.6.5
v2.6.6
v2.6.7
v2.6.8
v2.6.9
v2.7.0
v2.7.0-beta
v2.7.0-rc1
v2.7.0-rc2
v2.7.1
v2.7.10
v2.7.11
v2.7.12
v2.7.2
v2.7.3
v2.7.4
v2.7.5
v2.7.6
v2.7.7
v2.7.8
v2.7.9
v2.8.0
v2.8.0-beta
v2.8.0-rc1
v2.8.0-rc2
v2.8.1
v2.8.10
v2.8.2
v2.8.3
v2.8.4
v2.8.5
v2.8.6
v2.8.7
v2.8.8
v2.8.9
v2.9.0
v2.9.0-beta
v2.9.0-rc1
v2.9.0-rc2
v2.9.1
v2.9.2
v2.9.3
v2.9.4
v3.*
v3.0.0
v3.0.0-beta
v3.0.0-rc1
v3.0.0-rc2
v3.0.0-rc3
v3.0.0-rc4
v3.0.1
v3.0.2