2017-10-16 12:31:07 -04:00
{
2019-03-18 04:27:59 +00:00
"CVE_data_meta" : {
"ASSIGNER" : "secalert@redhat.com" ,
"ID" : "CVE-2016-2190" ,
"STATE" : "PUBLIC"
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a" ,
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
} ,
"vendor_name" : "n/a"
}
]
}
} ,
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
"description" : {
"description_data" : [
2017-10-16 12:31:07 -04:00
{
2019-03-18 04:27:59 +00:00
"lang" : "eng" ,
"value" : "Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not properly restrict links, which allows remote attackers to obtain sensitive URL information by reading a Referer log."
2017-10-16 12:31:07 -04:00
}
2019-03-18 04:27:59 +00:00
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "n/a"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20160321 moodle security release" ,
"refsource" : "MLIST" ,
"url" : "http://www.openwall.com/lists/oss-security/2016/03/21/1"
} ,
{
"name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52651" ,
"refsource" : "CONFIRM" ,
"url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52651"
} ,
{
"name" : "https://moodle.org/mod/forum/discuss.php?d=330181" ,
"refsource" : "CONFIRM" ,
"url" : "https://moodle.org/mod/forum/discuss.php?d=330181"
} ,
{
"name" : "1035333" ,
"refsource" : "SECTRACK" ,
"url" : "http://www.securitytracker.com/id/1035333"
}
]
}
}
