Open redirect vulnerability in the clean_param function in lib/moodlelib.php in Moodle through 2.6.11, 2.7.x before 2.7.9, 2.8.x before 2.8.7, and 2.9.x before 2.9.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving an HTTP Referer header that has a substring match with a local URL.
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50688
openwall.com/lists/oss-security/2015/07/13/2
github.com/moodle/moodle
github.com/moodle/moodle/commit/5673aae914070fa93b861a39f6bb3eae2f79bbc2
github.com/moodle/moodle/commit/5c1f41f0583e9174ead1530f93dc4b260d8036d5
github.com/moodle/moodle/commit/9580c08e9e4e5e80606d46aea2014f83f863534f
github.com/moodle/moodle/commit/980bd08bdc01586bf8b5d407b049645ea6ff1174
moodle.org/mod/forum/discuss.php?d=316662
nvd.nist.gov/vuln/detail/CVE-2015-3272
web.archive.org/web/20150924032214/www.securitytracker.com/id/1032877