GHSA-8fcv-4qp9-pg32

Опубликовано: 23 окт. 2025

Источник: github

Github: Прошло ревью

CVSS3: 4.3

Описание

Moodle sends quiz-related messages to inactive/suspended users

Moodle failed to verify enrolment status correctly when sending quiz notifications. As a result, suspended or inactive users might receive quiz-related messages, leaking limited course information.

Ссылки

Пакеты

Наименование

moodle/moodle

composer

Затронутые версииВерсия исправления

>= 5.0.0-beta, < 5.0.3

5.0.3

Наименование

moodle/moodle

composer

Затронутые версииВерсия исправления

>= 4.5.0-beta, < 4.5.7

4.5.7

EPSS

Процентиль: 11%

0.00038

Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2025-62394

Дефекты

CWE-863

Связанные уязвимости

CVE-2025-62394

CVSS3: 4.3

ubuntu

3 месяца назад

Moodle failed to verify enrolment status correctly when sending quiz notifications. As a result, suspended or inactive users might receive quiz-related messages, leaking limited course information.

CVE-2025-62394

CVSS3: 4.3

nvd

3 месяца назад

Moodle failed to verify enrolment status correctly when sending quiz notifications. As a result, suspended or inactive users might receive quiz-related messages, leaking limited course information.

CVE-2025-62394

CVSS3: 4.3

debian

3 месяца назад

Moodle failed to verify enrolment status correctly when sending quiz n ...

EPSS

Процентиль: 11%

0.00038

Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2025-62394

Дефекты

CWE-863