A security vulnerability was discovered in Moodle that can allow hackers to gain access to sensitive information about students and prevent them from logging into their accounts, even after they had completed two-factor authentication (2FA).
References
Link | Resource |
---|---|
https://access.redhat.com/security/cve/CVE-2025-3625 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2359690 | Issue Tracking |
Configurations
Configuration 1 (hide)
|
History
24 Jun 2025, 16:17
Type | Values Removed | Values Added |
---|---|---|
First Time |
Moodle moodle
Moodle |
|
CPE | cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:* | |
References | () https://access.redhat.com/security/cve/CVE-2025-3625 - Third Party Advisory | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=2359690 - Issue Tracking |
29 Apr 2025, 13:52
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
25 Apr 2025, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-04-25 15:15
Updated : 2025-06-24 16:17
NVD link : CVE-2025-3625
Mitre link : CVE-2025-3625
CVE.ORG link : CVE-2025-3625
JSON object : View
Products Affected
moodle
- moodle
CWE
CWE-639
Authorization Bypass Through User-Controlled Key