GHSA-422v-w6c5-vq42

Опубликовано: 23 окт. 2025

Источник: github

Github: Прошло ревью

CVSS3: 4.3

Описание

Moodle exposed the names of hidden groups to users

Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information.

Ссылки

Пакеты

Наименование

moodle/moodle

composer

Затронутые версииВерсия исправления

>= 5.0.0-beta, < 5.0.3

5.0.3

Наименование

moodle/moodle

composer

Затронутые версииВерсия исправления

>= 4.5.0-beta, < 4.5.7

4.5.7

Наименование

moodle/moodle

composer

Затронутые версииВерсия исправления

>= 4.2.0-beta, < 4.4.11

4.4.11

Наименование

moodle/moodle

composer

Затронутые версииВерсия исправления

< 4.1.21

4.1.21

EPSS

Процентиль: 10%

0.00035

Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2025-62400

Дефекты

CWE-200

Связанные уязвимости

CVE-2025-62400

CVSS3: 4.3

ubuntu

около 1 месяца назад

Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information.

CVE-2025-62400

CVSS3: 4.3

nvd

около 1 месяца назад

Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information.

CVE-2025-62400

CVSS3: 4.3

debian

около 1 месяца назад

Moodle exposed the names of hidden groups to users who had permission ...

ROS-20251125-06

CVSS3: 6.5

redos

6 дней назад

Множественные уязвимости moodle

EPSS

Процентиль: 10%

0.00035

Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2025-62400

Дефекты

CWE-200