Moodle · Moodle · CVE-2015-3177
**Name of the Vulnerable Software and Affected Versions**
Moodle versions 2.8.x through 2.8.5
**Description**
The issue is related to errors in the code of the tool/monitor:subscribe component in the Moodle learning management system. This allows a remote authenticated user to obtain sensitive information via a subscription request due to mistakes in the subscription procedure.
**Recommendations**
For Moodle versions 2.8.x through 2.8.5, update to version 2.8.6 or later to resolve the issue.