Vulnerability-Lookup

CVE-2025-67855 (GCVE-0-2025-67855)

Vulnerability from cvelistv5 – Published: 2026-02-03 10:52 – Updated: 2026-02-03 15:43

Title

Mooodle: mooodle: information disclosure and script execution via reflected cross-site scripting

Summary

A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting (XSS) vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links. Successful exploitation could lead to information disclosure or arbitrary client-side script execution within the user's browser.

Severity ?

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

fedora

References

URL

Tags

	https://access.redhat.com/security/cve/CVE-2025-67855	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2423861	issue-trackingx_refsource_REDHAT

Impacted products

	Vendor	Product	Version
			Affected: 4.1.0 , < 4.1.22 (semver) Affected: 4.4.0 , < 4.4.12 (semver) Affected: 4.5.0 , < 4.5.8 (semver) Affected: 5.0.0 , < 5.0.4 (semver) Affected: 5.1.0 , < 5.1.1 (semver)

Credits

Red Hat would like to thank Nicecatch2000 for reporting this issue.

Show details on NVD website

JSON

To clipboard Create KEV Entry

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-67855",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-03T15:43:09.970126Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-03T15:43:19.863Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/moodle/moodle/",
          "defaultStatus": "unaffected",
          "packageName": "moodle",
          "versions": [
            {
              "lessThan": "4.1.22",
              "status": "affected",
              "version": "4.1.0",
              "versionType": "semver"
            },
            {
              "lessThan": "4.4.12",
              "status": "affected",
              "version": "4.4.0",
              "versionType": "semver"
            },
            {
              "lessThan": "4.5.8",
              "status": "affected",
              "version": "4.5.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.0.4",
              "status": "affected",
              "version": "5.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.1.1",
              "status": "affected",
              "version": "5.1.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Nicecatch2000 for reporting this issue."
        }
      ],
      "datePublic": "2025-12-15T04:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting (XSS) vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links. Successful exploitation could lead to information disclosure or arbitrary client-side script execution within the user\u0027s browser."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-03T10:52:15.809Z",
        "orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
        "shortName": "fedora"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-67855"
        },
        {
          "name": "RHBZ#2423861",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423861"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-12-19T13:32:44.133000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-12-15T04:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Mooodle: mooodle: information disclosure and script execution via reflected cross-site scripting",
      "x_redhatCweChain": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
    "assignerShortName": "fedora",
    "cveId": "CVE-2025-67855",
    "datePublished": "2026-02-03T10:52:15.809Z",
    "dateReserved": "2025-12-12T13:00:24.330Z",
    "dateUpdated": "2026-02-03T15:43:19.863Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-67855\",\"sourceIdentifier\":\"patrick@puiterwijk.org\",\"published\":\"2026-02-03T11:15:55.813\",\"lastModified\":\"2026-02-03T16:44:03.343\",\"vulnStatus\":\"Undergoing Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting (XSS) vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links. Successful exploitation could lead to information disclosure or arbitrary client-side script execution within the user\u0027s browser.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"patrick@puiterwijk.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.5}]},\"weaknesses\":[{\"source\":\"patrick@puiterwijk.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/security/cve/CVE-2025-67855\",\"source\":\"patrick@puiterwijk.org\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2423861\",\"source\":\"patrick@puiterwijk.org\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-67855\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-02-03T15:43:09.970126Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-02-03T15:43:14.443Z\"}}], \"cna\": {\"title\": \"Mooodle: mooodle: information disclosure and script execution via reflected cross-site scripting\", \"credits\": [{\"lang\": \"en\", \"value\": \"Red Hat would like to thank Nicecatch2000 for reporting this issue.\"}], \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Moderate\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"versions\": [{\"status\": \"affected\", \"version\": \"4.1.0\", \"lessThan\": \"4.1.22\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"4.4.0\", \"lessThan\": \"4.4.12\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"4.5.0\", \"lessThan\": \"4.5.8\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"5.0.0\", \"lessThan\": \"5.0.4\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"5.1.0\", \"lessThan\": \"5.1.1\", \"versionType\": \"semver\"}], \"packageName\": \"moodle\", \"collectionURL\": \"https://github.com/moodle/moodle/\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-12-19T13:32:44.133000+00:00\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2025-12-15T04:00:00+00:00\", \"value\": \"Made public.\"}], \"datePublic\": \"2025-12-15T04:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2025-67855\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2423861\", \"name\": \"RHBZ#2423861\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting (XSS) vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links. Successful exploitation could lead to information disclosure or arbitrary client-side script execution within the user\u0027s browser.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5\", \"shortName\": \"fedora\", \"dateUpdated\": \"2026-02-03T10:52:15.809Z\"}, \"x_redhatCweChain\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-67855\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-03T15:43:19.863Z\", \"dateReserved\": \"2025-12-12T13:00:24.330Z\", \"assignerOrgId\": \"92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5\", \"datePublished\": \"2026-02-03T10:52:15.809Z\", \"assignerShortName\": \"fedora\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

GHSA-VWHW-VP9V-Q9C9

Vulnerability from github – Published: 2026-02-03 12:30 – Updated: 2026-02-03 19:36

Summary

Moodle vulnerable to Cross-site Scripting

Details

A flaw was found in Moodle. A remote attacker could exploit a reflected Cross-Site Scripting (XSS) vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links. Successful exploitation could lead to information disclosure or arbitrary client-side script execution within the user's browser.

Severity ?

5.4 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Show details on source website

JSON

To clipboard Create KEV Entry

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.1.22"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.4.0-beta"
            },
            {
              "fixed": "4.4.12"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.5.0-beta"
            },
            {
              "fixed": "4.5.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0-beta"
            },
            {
              "fixed": "5.0.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.1.0-beta"
            },
            {
              "fixed": "5.1.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-67855"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-03T19:36:41Z",
    "nvd_published_at": "2026-02-03T11:15:55Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in Moodle. A remote attacker could exploit a reflected Cross-Site Scripting (XSS) vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links. Successful exploitation could lead to information disclosure or arbitrary client-side script execution within the user\u0027s browser.",
  "id": "GHSA-vwhw-vp9v-q9c9",
  "modified": "2026-02-03T19:36:41Z",
  "published": "2026-02-03T12:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67855"
    },
    {
      "type": "WEB",
      "url": "https://github.com/moodle/moodle/commit/0c146aa2612fb6d0544f200a018cb42da75db713"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2025-67855"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423861"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/moodle/moodle"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471305"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Moodle vulnerable to Cross-site Scripting"
}

CERTFR-2025-AVI-1113

Vulnerability from certfr_avis - Published: 2025-12-16 - Updated: 2025-12-16

De multiples vulnérabilités ont été découvertes dans Moodle. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une injection de code indirecte à distance (XSS) et un contournement de la politique de sécurité.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Moodle	Moodle	Moodle versions 4.1.x antérieures à 4.1.22
Moodle	Moodle	Moodle versions 5.0.x antérieures à 5.0.4
Moodle	Moodle	Moodle versions 4.5.x antérieures à 4.5.8
Moodle	Moodle	Moodle versions 5.1.x antérieures à 5.1.1
Moodle	Moodle	Moodle versions 4.4.x antérieures à 4.4.12

References

Title

Publication Time

Tags

Bulletin de sécurité Moodle MSA-25-0057	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0058	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0053	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0052	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0060	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0059	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0055	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0054	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0056	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0061	2025-12-15	vendor-advisory

Show details on source website

JSON

To clipboard Create KEV Entry

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Moodle versions 4.1.x ant\u00e9rieures \u00e0 4.1.22",
      "product": {
        "name": "Moodle",
        "vendor": {
          "name": "Moodle",
          "scada": false
        }
      }
    },
    {
      "description": "Moodle versions 5.0.x ant\u00e9rieures \u00e0 5.0.4",
      "product": {
        "name": "Moodle",
        "vendor": {
          "name": "Moodle",
          "scada": false
        }
      }
    },
    {
      "description": "Moodle versions 4.5.x ant\u00e9rieures \u00e0 4.5.8",
      "product": {
        "name": "Moodle",
        "vendor": {
          "name": "Moodle",
          "scada": false
        }
      }
    },
    {
      "description": "Moodle versions 5.1.x ant\u00e9rieures \u00e0 5.1.1",
      "product": {
        "name": "Moodle",
        "vendor": {
          "name": "Moodle",
          "scada": false
        }
      }
    },
    {
      "description": "Moodle versions 4.4.x ant\u00e9rieures \u00e0 4.4.12",
      "product": {
        "name": "Moodle",
        "vendor": {
          "name": "Moodle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-67848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67848"
    },
    {
      "name": "CVE-2025-67852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67852"
    },
    {
      "name": "CVE-2025-67850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67850"
    },
    {
      "name": "CVE-2025-67849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67849"
    },
    {
      "name": "CVE-2025-67851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67851"
    },
    {
      "name": "CVE-2025-67853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67853"
    },
    {
      "name": "CVE-2025-67856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67856"
    },
    {
      "name": "CVE-2025-67855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67855"
    },
    {
      "name": "CVE-2025-67854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67854"
    },
    {
      "name": "CVE-2025-67857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67857"
    }
  ],
  "initial_release_date": "2025-12-16T00:00:00",
  "last_revision_date": "2025-12-16T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-1113",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-12-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Moodle. Elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une injection de code indirecte \u00e0 distance (XSS) et un contournement de la politique de s\u00e9curit\u00e9.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Moodle",
  "vendor_advisories": [
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0057",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471303"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0058",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471304"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0053",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471299"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0052",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471298"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0060",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471306"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0059",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471305"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0055",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471301"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0054",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471300"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0056",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471302"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0061",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471307"
    }
  ]
}

CERTFR-2025-AVI-1113

Vulnerability from certfr_avis - Published: 2025-12-16 - Updated: 2025-12-16

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Moodle	Moodle	Moodle versions 4.1.x antérieures à 4.1.22
Moodle	Moodle	Moodle versions 5.0.x antérieures à 5.0.4
Moodle	Moodle	Moodle versions 4.5.x antérieures à 4.5.8
Moodle	Moodle	Moodle versions 5.1.x antérieures à 5.1.1
Moodle	Moodle	Moodle versions 4.4.x antérieures à 4.4.12

References

Title

Publication Time

Tags

Bulletin de sécurité Moodle MSA-25-0057	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0058	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0053	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0052	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0060	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0059	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0055	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0054	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0056	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0061	2025-12-15	vendor-advisory

Show details on source website

JSON

To clipboard Create KEV Entry

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Moodle versions 4.1.x ant\u00e9rieures \u00e0 4.1.22",
      "product": {
        "name": "Moodle",
        "vendor": {
          "name": "Moodle",
          "scada": false
        }
      }
    },
    {
      "description": "Moodle versions 5.0.x ant\u00e9rieures \u00e0 5.0.4",
      "product": {
        "name": "Moodle",
        "vendor": {
          "name": "Moodle",
          "scada": false
        }
      }
    },
    {
      "description": "Moodle versions 4.5.x ant\u00e9rieures \u00e0 4.5.8",
      "product": {
        "name": "Moodle",
        "vendor": {
          "name": "Moodle",
          "scada": false
        }
      }
    },
    {
      "description": "Moodle versions 5.1.x ant\u00e9rieures \u00e0 5.1.1",
      "product": {
        "name": "Moodle",
        "vendor": {
          "name": "Moodle",
          "scada": false
        }
      }
    },
    {
      "description": "Moodle versions 4.4.x ant\u00e9rieures \u00e0 4.4.12",
      "product": {
        "name": "Moodle",
        "vendor": {
          "name": "Moodle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-67848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67848"
    },
    {
      "name": "CVE-2025-67852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67852"
    },
    {
      "name": "CVE-2025-67850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67850"
    },
    {
      "name": "CVE-2025-67849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67849"
    },
    {
      "name": "CVE-2025-67851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67851"
    },
    {
      "name": "CVE-2025-67853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67853"
    },
    {
      "name": "CVE-2025-67856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67856"
    },
    {
      "name": "CVE-2025-67855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67855"
    },
    {
      "name": "CVE-2025-67854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67854"
    },
    {
      "name": "CVE-2025-67857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67857"
    }
  ],
  "initial_release_date": "2025-12-16T00:00:00",
  "last_revision_date": "2025-12-16T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-1113",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-12-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Moodle. Elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une injection de code indirecte \u00e0 distance (XSS) et un contournement de la politique de s\u00e9curit\u00e9.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Moodle",
  "vendor_advisories": [
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0057",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471303"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0058",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471304"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0053",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471299"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0052",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471298"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0060",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471306"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0059",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471305"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0055",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471301"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0054",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471300"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0056",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471302"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0061",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471307"
    }
  ]
}

FKIE_CVE-2025-67855

Vulnerability from fkie_nvd - Published: 2026-02-03 11:15 - Updated: 2026-02-03 16:44

Severity ?

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Summary

References

	URL	Tags
	patrick@puiterwijk.org	https://access.redhat.com/security/cve/CVE-2025-67855
	patrick@puiterwijk.org	https://bugzilla.redhat.com/show_bug.cgi?id=2423861

Impacted products

	Vendor	Product	Version

JSON

To clipboard Create KEV Entry

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting (XSS) vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links. Successful exploitation could lead to information disclosure or arbitrary client-side script execution within the user\u0027s browser."
    }
  ],
  "id": "CVE-2025-67855",
  "lastModified": "2026-02-03T16:44:03.343",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.5,
        "source": "patrick@puiterwijk.org",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-02-03T11:15:55.813",
  "references": [
    {
      "source": "patrick@puiterwijk.org",
      "url": "https://access.redhat.com/security/cve/CVE-2025-67855"
    },
    {
      "source": "patrick@puiterwijk.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423861"
    }
  ],
  "sourceIdentifier": "patrick@puiterwijk.org",
  "vulnStatus": "Undergoing Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "patrick@puiterwijk.org",
      "type": "Secondary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-67855 (GCVE-0-2025-67855)

GHSA-VWHW-VP9V-Q9C9

CERTFR-2025-AVI-1113

Solutions

CERTFR-2025-AVI-1113

Solutions

FKIE_CVE-2025-67855

Tags

Sightings

Nomenclature