CVE-2015-3177

Name of the Vulnerable Software and Affected Versions Moodle versions 2.8.x through 2.8.5

Description The issue is related to errors in the code of the tool/monitor:subscribe component in the Moodle learning management system. This allows a remote authenticated user to obtain sensitive information via a subscription request due to mistakes in the subscription procedure.

Recommendations For Moodle versions 2.8.x through 2.8.5, update to version 2.8.6 or later to resolve the issue.