CVE-2025-3634

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-3634

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-3634.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-3634

Aliases

GHSA-qhc7-xhc2-7p7w

Downstream

UBUNTU-CVE-2025-3634

Published

2025-04-25T14:15:22Z

Modified

2025-06-27T11:05:27.651671Z

Summary

[none]

Details

A security vulnerability was discovered in Moodle that allows students to enroll themselves in courses without completing all the necessary safety checks. Specifically, users can sign up for courses prematurely, even if they haven't finished two-step verification processes.

References

Affected packages

Git / github.com/moodle/moodle

Affected ranges

Type: GIT
Repo: https://github.com/moodle/moodle
Events: Introduced

fe7aff8093240cc373f1ddaa66ecb91c4bc0a09f

Fixed

73fc31dabf4feb33ef02167bd98063a3ceef89bb

Affected versions

v4.*

v4.3.0

v4.3.1

v4.3.10

v4.3.11

v4.3.2

v4.3.3

v4.3.4

v4.3.5

v4.3.6

v4.3.7

v4.3.8

v4.3.9