Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-3637

Опубликовано: 25 апр. 2025
Источник: debian
EPSS Низкий

Описание

A security vulnerability was found in Moodle where confidential information that prevents cross-site request forgery (CSRF) attacks was shared publicly through the site's URL. This vulnerability occurred specifically on two types of pages within the mod_data module: edit and delete pages.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
moodleremovedpackage

EPSS

Процентиль: 10%
0.00038
Низкий

Связанные уязвимости

CVSS3: 3.1
ubuntu
3 месяца назад

A security vulnerability was found in Moodle where confidential information that prevents cross-site request forgery (CSRF) attacks was shared publicly through the site's URL. This vulnerability occurred specifically on two types of pages within the mod_data module: edit and delete pages.

CVSS3: 3.1
nvd
3 месяца назад

A security vulnerability was found in Moodle where confidential information that prevents cross-site request forgery (CSRF) attacks was shared publicly through the site's URL. This vulnerability occurred specifically on two types of pages within the mod_data module: edit and delete pages.

CVSS3: 3.1
github
3 месяца назад

Moodle's mod_data edit/delete pages pass CSRF token in GET parameter

CVSS3: 3.1
fstec
3 месяца назад

Уязвимость модуля mod_data виртуальной обучающей среды Moodle, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

CVSS3: 8.8
redos
3 месяца назад

Множественные уязвимости moodle

EPSS

Процентиль: 10%
0.00038
Низкий