VDB
GCVE-110-MAGEIA-2015-302
GCVE-110-MAGEIA-2015-302
Advisory Published
In Moodle before 2.8.7, phishing is possible when redirecting to external
site using referer headers in error messages (CVE-2015-3272).
In Moodle before 2.8.7, several web services returning user information
did not clean text in text custom profile fields, leading to possible XSS
(CVE-2015-3274).
In Moodle before 2.8.7, possible Javascript injection was discovered in
the SCORM module (CVE-2015-3275).
As Moodle 2.6 is no longer supported, users of this package on Mageia 4
are advised to migrate to Mageia 5.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | moodle | 2.8.7-1.mga5 (unaffected), 0 (affected) | — |
References
Browse GCVE Records
73,280 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.