Vulnerability-Lookup

CVE-2025-67857 (GCVE-0-2025-67857)

Vulnerability from cvelistv5 – Published: 2026-02-03 10:52 – Updated: 2026-02-03 15:40

Title

Moodle: moodle: data exposure of user identifiers in urls

Summary

A flaw was found in moodle. During anonymous assignment submissions, user identifiers were inadvertently exposed in URLs. This data exposure allows unauthorized viewers to see internal user IDs, compromising the intended anonymity and potentially leading to information disclosure.

Severity ?

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

CWE

CWE-201 - Insertion of Sensitive Information Into Sent Data

Assigner

fedora

References

URL

Tags

	https://access.redhat.com/security/cve/CVE-2025-67857	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2423868	issue-trackingx_refsource_REDHAT
	https://moodle.org/mod/forum/discuss.php?d=471307

Impacted products

	Vendor	Product	Version
			Affected: 4.1.0 , < 4.1.22 (semver) Affected: 4.4.0 , < 4.4.12 (semver) Affected: 4.5.0 , < 4.5.8 (semver) Affected: 5.0.0 , < 5.0.4 (semver) Affected: 5.1.0 , < 5.1.1 (semver)

Credits

Red Hat would like to thank Mihail Geshoski for reporting this issue.

Show details on NVD website

JSON

To clipboard Create KEV Entry

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-67857",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-03T15:40:38.990126Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-03T15:40:59.601Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/moodle/moodle/",
          "defaultStatus": "unaffected",
          "packageName": "moodle",
          "versions": [
            {
              "lessThan": "4.1.22",
              "status": "affected",
              "version": "4.1.0",
              "versionType": "semver"
            },
            {
              "lessThan": "4.4.12",
              "status": "affected",
              "version": "4.4.0",
              "versionType": "semver"
            },
            {
              "lessThan": "4.5.8",
              "status": "affected",
              "version": "4.5.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.0.4",
              "status": "affected",
              "version": "5.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.1.1",
              "status": "affected",
              "version": "5.1.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Mihail Geshoski for reporting this issue."
        }
      ],
      "datePublic": "2025-12-15T04:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in moodle. During anonymous assignment submissions, user identifiers were inadvertently exposed in URLs. This data exposure allows unauthorized viewers to see internal user IDs, compromising the intended anonymity and potentially leading to information disclosure."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-201",
              "description": "Insertion of Sensitive Information Into Sent Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-03T10:52:22.459Z",
        "orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
        "shortName": "fedora"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-67857"
        },
        {
          "name": "RHBZ#2423868",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423868"
        },
        {
          "url": "https://moodle.org/mod/forum/discuss.php?d=471307"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-12-19T13:40:16.882000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-12-15T04:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Moodle: moodle: data exposure of user identifiers in urls",
      "x_redhatCweChain": "CWE-201: Insertion of Sensitive Information Into Sent Data"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
    "assignerShortName": "fedora",
    "cveId": "CVE-2025-67857",
    "datePublished": "2026-02-03T10:52:22.459Z",
    "dateReserved": "2025-12-12T13:00:24.331Z",
    "dateUpdated": "2026-02-03T15:40:59.601Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-67857\",\"sourceIdentifier\":\"patrick@puiterwijk.org\",\"published\":\"2026-02-03T11:15:56.090\",\"lastModified\":\"2026-02-03T16:44:03.343\",\"vulnStatus\":\"Undergoing Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in moodle. During anonymous assignment submissions, user identifiers were inadvertently exposed in URLs. This data exposure allows unauthorized viewers to see internal user IDs, compromising the intended anonymity and potentially leading to information disclosure.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"patrick@puiterwijk.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"patrick@puiterwijk.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-201\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/security/cve/CVE-2025-67857\",\"source\":\"patrick@puiterwijk.org\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2423868\",\"source\":\"patrick@puiterwijk.org\"},{\"url\":\"https://moodle.org/mod/forum/discuss.php?d=471307\",\"source\":\"patrick@puiterwijk.org\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-67857\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-02-03T15:40:38.990126Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-02-03T15:40:51.073Z\"}}], \"cna\": {\"title\": \"Moodle: moodle: data exposure of user identifiers in urls\", \"credits\": [{\"lang\": \"en\", \"value\": \"Red Hat would like to thank Mihail Geshoski for reporting this issue.\"}], \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Moderate\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"versions\": [{\"status\": \"affected\", \"version\": \"4.1.0\", \"lessThan\": \"4.1.22\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"4.4.0\", \"lessThan\": \"4.4.12\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"4.5.0\", \"lessThan\": \"4.5.8\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"5.0.0\", \"lessThan\": \"5.0.4\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"5.1.0\", \"lessThan\": \"5.1.1\", \"versionType\": \"semver\"}], \"packageName\": \"moodle\", \"collectionURL\": \"https://github.com/moodle/moodle/\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-12-19T13:40:16.882000+00:00\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2025-12-15T04:00:00+00:00\", \"value\": \"Made public.\"}], \"datePublic\": \"2025-12-15T04:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2025-67857\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2423868\", \"name\": \"RHBZ#2423868\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://moodle.org/mod/forum/discuss.php?d=471307\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in moodle. During anonymous assignment submissions, user identifiers were inadvertently exposed in URLs. This data exposure allows unauthorized viewers to see internal user IDs, compromising the intended anonymity and potentially leading to information disclosure.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-201\", \"description\": \"Insertion of Sensitive Information Into Sent Data\"}]}], \"providerMetadata\": {\"orgId\": \"92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5\", \"shortName\": \"fedora\", \"dateUpdated\": \"2026-02-03T10:52:22.459Z\"}, \"x_redhatCweChain\": \"CWE-201: Insertion of Sensitive Information Into Sent Data\"}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-67857\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-03T15:40:59.601Z\", \"dateReserved\": \"2025-12-12T13:00:24.331Z\", \"assignerOrgId\": \"92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5\", \"datePublished\": \"2026-02-03T10:52:22.459Z\", \"assignerShortName\": \"fedora\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2025-AVI-1113

Vulnerability from certfr_avis - Published: 2025-12-16 - Updated: 2025-12-16

De multiples vulnérabilités ont été découvertes dans Moodle. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une injection de code indirecte à distance (XSS) et un contournement de la politique de sécurité.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Moodle	Moodle	Moodle versions 4.1.x antérieures à 4.1.22
Moodle	Moodle	Moodle versions 5.0.x antérieures à 5.0.4
Moodle	Moodle	Moodle versions 4.5.x antérieures à 4.5.8
Moodle	Moodle	Moodle versions 5.1.x antérieures à 5.1.1
Moodle	Moodle	Moodle versions 4.4.x antérieures à 4.4.12

References

Title

Publication Time

Tags

Bulletin de sécurité Moodle MSA-25-0057	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0058	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0053	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0052	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0060	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0059	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0055	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0054	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0056	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0061	2025-12-15	vendor-advisory

Show details on source website

JSON

To clipboard Create KEV Entry

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Moodle versions 4.1.x ant\u00e9rieures \u00e0 4.1.22",
      "product": {
        "name": "Moodle",
        "vendor": {
          "name": "Moodle",
          "scada": false
        }
      }
    },
    {
      "description": "Moodle versions 5.0.x ant\u00e9rieures \u00e0 5.0.4",
      "product": {
        "name": "Moodle",
        "vendor": {
          "name": "Moodle",
          "scada": false
        }
      }
    },
    {
      "description": "Moodle versions 4.5.x ant\u00e9rieures \u00e0 4.5.8",
      "product": {
        "name": "Moodle",
        "vendor": {
          "name": "Moodle",
          "scada": false
        }
      }
    },
    {
      "description": "Moodle versions 5.1.x ant\u00e9rieures \u00e0 5.1.1",
      "product": {
        "name": "Moodle",
        "vendor": {
          "name": "Moodle",
          "scada": false
        }
      }
    },
    {
      "description": "Moodle versions 4.4.x ant\u00e9rieures \u00e0 4.4.12",
      "product": {
        "name": "Moodle",
        "vendor": {
          "name": "Moodle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-67848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67848"
    },
    {
      "name": "CVE-2025-67852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67852"
    },
    {
      "name": "CVE-2025-67850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67850"
    },
    {
      "name": "CVE-2025-67849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67849"
    },
    {
      "name": "CVE-2025-67851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67851"
    },
    {
      "name": "CVE-2025-67853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67853"
    },
    {
      "name": "CVE-2025-67856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67856"
    },
    {
      "name": "CVE-2025-67855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67855"
    },
    {
      "name": "CVE-2025-67854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67854"
    },
    {
      "name": "CVE-2025-67857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67857"
    }
  ],
  "initial_release_date": "2025-12-16T00:00:00",
  "last_revision_date": "2025-12-16T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-1113",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-12-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Moodle. Elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une injection de code indirecte \u00e0 distance (XSS) et un contournement de la politique de s\u00e9curit\u00e9.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Moodle",
  "vendor_advisories": [
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0057",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471303"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0058",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471304"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0053",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471299"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0052",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471298"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0060",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471306"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0059",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471305"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0055",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471301"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0054",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471300"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0056",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471302"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0061",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471307"
    }
  ]
}

CERTFR-2025-AVI-1113

Vulnerability from certfr_avis - Published: 2025-12-16 - Updated: 2025-12-16

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Moodle	Moodle	Moodle versions 4.1.x antérieures à 4.1.22
Moodle	Moodle	Moodle versions 5.0.x antérieures à 5.0.4
Moodle	Moodle	Moodle versions 4.5.x antérieures à 4.5.8
Moodle	Moodle	Moodle versions 5.1.x antérieures à 5.1.1
Moodle	Moodle	Moodle versions 4.4.x antérieures à 4.4.12

References

Title

Publication Time

Tags

Bulletin de sécurité Moodle MSA-25-0057	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0058	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0053	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0052	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0060	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0059	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0055	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0054	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0056	2025-12-15	vendor-advisory
Bulletin de sécurité Moodle MSA-25-0061	2025-12-15	vendor-advisory

Show details on source website

JSON

To clipboard Create KEV Entry

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Moodle versions 4.1.x ant\u00e9rieures \u00e0 4.1.22",
      "product": {
        "name": "Moodle",
        "vendor": {
          "name": "Moodle",
          "scada": false
        }
      }
    },
    {
      "description": "Moodle versions 5.0.x ant\u00e9rieures \u00e0 5.0.4",
      "product": {
        "name": "Moodle",
        "vendor": {
          "name": "Moodle",
          "scada": false
        }
      }
    },
    {
      "description": "Moodle versions 4.5.x ant\u00e9rieures \u00e0 4.5.8",
      "product": {
        "name": "Moodle",
        "vendor": {
          "name": "Moodle",
          "scada": false
        }
      }
    },
    {
      "description": "Moodle versions 5.1.x ant\u00e9rieures \u00e0 5.1.1",
      "product": {
        "name": "Moodle",
        "vendor": {
          "name": "Moodle",
          "scada": false
        }
      }
    },
    {
      "description": "Moodle versions 4.4.x ant\u00e9rieures \u00e0 4.4.12",
      "product": {
        "name": "Moodle",
        "vendor": {
          "name": "Moodle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-67848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67848"
    },
    {
      "name": "CVE-2025-67852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67852"
    },
    {
      "name": "CVE-2025-67850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67850"
    },
    {
      "name": "CVE-2025-67849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67849"
    },
    {
      "name": "CVE-2025-67851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67851"
    },
    {
      "name": "CVE-2025-67853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67853"
    },
    {
      "name": "CVE-2025-67856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67856"
    },
    {
      "name": "CVE-2025-67855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67855"
    },
    {
      "name": "CVE-2025-67854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67854"
    },
    {
      "name": "CVE-2025-67857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67857"
    }
  ],
  "initial_release_date": "2025-12-16T00:00:00",
  "last_revision_date": "2025-12-16T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-1113",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-12-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Moodle. Elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une injection de code indirecte \u00e0 distance (XSS) et un contournement de la politique de s\u00e9curit\u00e9.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Moodle",
  "vendor_advisories": [
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0057",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471303"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0058",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471304"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0053",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471299"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0052",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471298"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0060",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471306"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0059",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471305"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0055",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471301"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0054",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471300"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0056",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471302"
    },
    {
      "published_at": "2025-12-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-25-0061",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471307"
    }
  ]
}

FKIE_CVE-2025-67857

Vulnerability from fkie_nvd - Published: 2026-02-03 11:15 - Updated: 2026-02-03 16:44

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Summary

References

	URL	Tags
	patrick@puiterwijk.org	https://access.redhat.com/security/cve/CVE-2025-67857
	patrick@puiterwijk.org	https://bugzilla.redhat.com/show_bug.cgi?id=2423868
	patrick@puiterwijk.org	https://moodle.org/mod/forum/discuss.php?d=471307

Impacted products

	Vendor	Product	Version

JSON

To clipboard Create KEV Entry

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was found in moodle. During anonymous assignment submissions, user identifiers were inadvertently exposed in URLs. This data exposure allows unauthorized viewers to see internal user IDs, compromising the intended anonymity and potentially leading to information disclosure."
    }
  ],
  "id": "CVE-2025-67857",
  "lastModified": "2026-02-03T16:44:03.343",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "patrick@puiterwijk.org",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-02-03T11:15:56.090",
  "references": [
    {
      "source": "patrick@puiterwijk.org",
      "url": "https://access.redhat.com/security/cve/CVE-2025-67857"
    },
    {
      "source": "patrick@puiterwijk.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423868"
    },
    {
      "source": "patrick@puiterwijk.org",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471307"
    }
  ],
  "sourceIdentifier": "patrick@puiterwijk.org",
  "vulnStatus": "Undergoing Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-201"
        }
      ],
      "source": "patrick@puiterwijk.org",
      "type": "Secondary"
    }
  ]
}

GHSA-8JRV-WX83-W3XJ

Vulnerability from github – Published: 2026-02-03 12:30 – Updated: 2026-02-03 19:17

Summary

Moodle Inserts Sensitive Information Into Sent Data

Details

Severity ?

4.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Show details on source website

JSON

To clipboard Create KEV Entry

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.1.22"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.4.0-beta"
            },
            {
              "fixed": "4.4.12"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.5.0-beta"
            },
            {
              "fixed": "4.5.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0-beta"
            },
            {
              "fixed": "5.0.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.1.0-beta"
            },
            {
              "fixed": "5.1.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-67857"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-201"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-03T19:17:11Z",
    "nvd_published_at": "2026-02-03T11:15:56Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in moodle. During anonymous assignment submissions, user identifiers were inadvertently exposed in URLs. This data exposure allows unauthorized viewers to see internal user IDs, compromising the intended anonymity and potentially leading to information disclosure.",
  "id": "GHSA-8jrv-wx83-w3xj",
  "modified": "2026-02-03T19:17:11Z",
  "published": "2026-02-03T12:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67857"
    },
    {
      "type": "WEB",
      "url": "https://github.com/moodle/moodle/commit/ac30e7e19357f696979b7ffd760a7131b6ad88f6"
    },
    {
      "type": "WEB",
      "url": "https://github.com/moodle/moodle/commit/c6cb8d971257c04a12a2c5d8510a89cb906f46f0"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2025-67857"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423868"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/moodle/moodle"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=471307"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Moodle Inserts Sensitive Information Into Sent Data"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-67857 (GCVE-0-2025-67857)

CERTFR-2025-AVI-1113

Solutions

CERTFR-2025-AVI-1113

Solutions

FKIE_CVE-2025-67857

GHSA-8JRV-WX83-W3XJ

Tags

Sightings

Nomenclature