VulnerableCode Vulnerability Details - VCID-ugmh-bzdg-1fan

Search for vulnerabilities

Vulnerability details: VCID-ugmh-bzdg-1fan

Essentials
Severities (13)
References (12)
Severity details (11)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-ugmh-bzdg-1fan
Aliases	CVE-2015-3175 GHSA-h798-h7ff-93xv
Summary	Moodle Arbitrary Redirect Multiple open redirect vulnerabilities in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving an error page that links to a URL from an HTTP Referer header.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-601	URL Redirection to Untrusted Site ('Open Redirect')
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
generic_textual	MODERATE	http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49179
generic_textual	MODERATE	http://openwall.com/lists/oss-security/2015/05/18/1
epss	0.004	https://api.first.org/data/v1/epss?cve=CVE-2015-3175
epss	0.004	https://api.first.org/data/v1/epss?cve=CVE-2015-3175
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-h798-h7ff-93xv
generic_textual	MODERATE	https://github.com/moodle/moodle
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/b2687a055dc990ca86ddce178d5aee3fb1df644a
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/db200a8e9f88c8c4a2141ac264062dca74ee2f29
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/dd0607b7bbaff38cc62e4d00658c02da3fdbb4c8
generic_textual	MODERATE	https://moodle.org/mod/forum/discuss.php?d=313682
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2015-3175
generic_textual	MODERATE	https://web.archive.org/web/20201030042703/http://www.securitytracker.com/id/1032358
generic_textual	MODERATE	https://web.archive.org/web/20210122155902/http://www.securityfocus.com/bid/74720

Reference id	Reference type	URL
		http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49179
		http://openwall.com/lists/oss-security/2015/05/18/1
		https://api.first.org/data/v1/epss?cve=CVE-2015-3175
		https://github.com/moodle/moodle
		https://github.com/moodle/moodle/commit/b2687a055dc990ca86ddce178d5aee3fb1df644a
		https://github.com/moodle/moodle/commit/db200a8e9f88c8c4a2141ac264062dca74ee2f29
		https://github.com/moodle/moodle/commit/dd0607b7bbaff38cc62e4d00658c02da3fdbb4c8
		https://moodle.org/mod/forum/discuss.php?d=313682
		https://nvd.nist.gov/vuln/detail/CVE-2015-3175
		https://web.archive.org/web/20201030042703/http://www.securitytracker.com/id/1032358
		https://web.archive.org/web/20210122155902/http://www.securityfocus.com/bid/74720
GHSA-h798-h7ff-93xv		https://github.com/advisories/GHSA-h798-h7ff-93xv

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.59842
EPSS Score	0.004
Published At	June 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-01T12:26:15.030761+00:00	GithubOSV Importer	Import	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-h798-h7ff-93xv/GHSA-h798-h7ff-93xv.json	36.1.3