Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-32044

Опубликовано: 25 апр. 2025
Источник: nvd
CVSS3: 7.5
EPSS Низкий

Описание

A flaw has been identified in Moodle where, on certain sites, unauthenticated users could retrieve sensitive user data—including names, contact information, and hashed passwords—via stack traces returned by specific API calls. Sites with PHP configured with zend.exception_ignore_args = 1 in the php.ini file are not affected by this vulnerability.

EPSS

Процентиль: 26%
0.00088
Низкий

7.5 High

CVSS3

Дефекты

CWE-200

Связанные уязвимости

CVSS3: 7.5
ubuntu
3 месяца назад

A flaw has been identified in Moodle where, on certain sites, unauthenticated users could retrieve sensitive user data—including names, contact information, and hashed passwords—via stack traces returned by specific API calls. Sites with PHP configured with zend.exception_ignore_args = 1 in the php.ini file are not affected by this vulnerability.

CVSS3: 7.5
debian
3 месяца назад

A flaw has been identified in Moodle where, on certain sites, unauthen ...

CVSS3: 7.5
github
3 месяца назад

Moodle allows unauthenticated REST API user data exposure

CVSS3: 7.5
fstec
3 месяца назад

Уязвимость виртуальной обучающей среды Moodle, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

CVSS3: 7.5
redos
около 2 месяцев назад

Множественные уязвимости moodle

EPSS

Процентиль: 26%
0.00088
Низкий

7.5 High

CVSS3

Дефекты

CWE-200