Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-3272

Опубликовано: 22 фев. 2016
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5.8
CVSS3: 7.4

Описание

Open redirect vulnerability in the clean_param function in lib/moodlelib.php in Moodle through 2.6.11, 2.7.x before 2.7.9, 2.8.x before 2.8.7, and 2.9.x before 2.9.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving an HTTP Referer header that has a substring match with a local URL.

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

3.0.3+dfsg-0ubuntu1
cosmic

not-affected

3.0.3+dfsg-0ubuntu1
devel

not-affected

3.0.3+dfsg-0ubuntu1
disco

not-affected

3.0.3+dfsg-0ubuntu1
esm-apps/bionic

not-affected

3.0.3+dfsg-0ubuntu1
esm-apps/xenial

not-affected

3.0.3+dfsg-0ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needed]
precise

ignored

end of life
precise/esm

DNE

precise was needed

Показывать по

EPSS

Процентиль: 57%
0.00347
Низкий

5.8 Medium

CVSS2

7.4 High

CVSS3

Связанные уязвимости

CVSS3: 7.4
nvd
больше 9 лет назад

Open redirect vulnerability in the clean_param function in lib/moodlelib.php in Moodle through 2.6.11, 2.7.x before 2.7.9, 2.8.x before 2.8.7, and 2.9.x before 2.9.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving an HTTP Referer header that has a substring match with a local URL.

CVSS3: 7.4
debian
больше 9 лет назад

Open redirect vulnerability in the clean_param function in lib/moodlel ...

CVSS3: 7.4
github
около 3 лет назад

Moodle open redirect vulnerability

fstec
больше 9 лет назад

Уязвимость системы управления обучением Мoodle, позволяющая нарушителю перенаправить пользователей на произвольные веб-сайты

EPSS

Процентиль: 57%
0.00347
Низкий

5.8 Medium

CVSS2

7.4 High

CVSS3