A security vulnerability was discovered in Moodle that allows students to enroll themselves in courses without completing all the necessary safety checks. Specifically, users can sign up for courses prematurely, even if they haven't finished two-step verification processes.
References
Link | Resource |
---|---|
https://access.redhat.com/security/cve/CVE-2025-3634 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2359707 | Issue Tracking |
Configurations
Configuration 1 (hide)
|
History
24 Jun 2025, 16:16
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:* | |
First Time |
Moodle moodle
Moodle |
|
References | () https://access.redhat.com/security/cve/CVE-2025-3634 - Third Party Advisory | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=2359707 - Issue Tracking |
29 Apr 2025, 13:52
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
25 Apr 2025, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-04-25 14:15
Updated : 2025-06-24 16:16
NVD link : CVE-2025-3634
Mitre link : CVE-2025-3634
CVE.ORG link : CVE-2025-3634
JSON object : View
Products Affected
moodle
- moodle
CWE
CWE-287
Improper Authentication