EPSS
Percentile
70.3%
Moodle is vulnerable to information disclosure. Attackers are able to obtain sensitive URL information through the Referer log because it doesn’t correctly restrict links with the _blank attribute.
_blank
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52651
www.openwall.com/lists/oss-security/2016/03/21/1
www.securitytracker.com/id/1035333
moodle.org/mod/forum/discuss.php?d=330181