Description
Multiple open redirect vulnerabilities in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving an error page that links to a URL from an HTTP Referer header.
Remediation
References
Related Vulnerabilities
PHP Other Vulnerability (CVE-2016-7478)
PostgreSQL CVE-2017-7548 Vulnerability (CVE-2017-7548)
Oracle Database Server CVE-2006-5344 Vulnerability (CVE-2006-5344)
PHP Cryptographic Issues Vulnerability (CVE-2010-1128)
WordPress Plugin Basic Dev Tools Multiple Cross-Site Scripting Vulnerabilities (1.4.1)