BIT-moodle-2025-62393

See a problem?

Import Source

https://github.com/bitnami/vulndb/tree/main/data/moodle/BIT-moodle-2025-62393.json

JSON Data

https://api.osv.dev/v1/vulns/BIT-moodle-2025-62393

Aliases

Published

2025-11-17T23:47:39.287Z

Modified

2025-11-18T00:27:32.660077Z

Summary

Moodle: course access permissions not properly checked in course_output_fragment_course_overview

Details

A flaw was found in the course overview output function where user access permissions were not fully enforced. This could allow unauthorized users to view information about courses they should not have access to, potentially exposing limited course details.

Database specific

{
    "cpes": [
        "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*"
    ],
    "severity": "Medium"
}

References

Affected packages

Bitnami / moodle

Package

Name: moodle
Purl: pkg:bitnami/moodle

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Affected ranges

Type: SEMVER
Events: Introduced

5.0.0

Fixed

5.0.3