VDB

GCVE-110-MAGEIA-2015-302

GCVE-110-MAGEIA-2015-302
Advisory Published
Vulnetix · Advisory published August 3, 2015
In Moodle before 2.8.7, phishing is possible when redirecting to external site using referer headers in error messages (CVE-2015-3272). In Moodle before 2.8.7, several web services returning user information did not clean text in text custom profile fields, leading to possible XSS (CVE-2015-3274). In Moodle before 2.8.7, possible Javascript injection was discovered in the SCORM module (CVE-2015-3275). As Moodle 2.6 is no longer supported, users of this package on Mageia 4 are advised to migrate to Mageia 5.

Affected Products

VendorProductVersionsPlatforms
Mageiamoodle2.8.7-1.mga5 (unaffected), 0 (affected)

Browse GCVE Records

73,280 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›