Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-67856

Опубликовано: 03 фев. 2026
Источник: ubuntu
Приоритет: medium
CVSS3: 5.4

Описание

A flaw was found in Moodle. An authorization logic flaw, specifically due to incomplete role checks during the badge awarding process, allowed badges to be granted without proper verification. This could enable unauthorized users to obtain badges they are not entitled to, potentially leading to privilege escalation or unauthorized access to certain features.

РелизСтатусПримечание
devel

DNE

esm-apps/bionic

needs-triage

esm-apps/xenial

needs-triage

jammy

DNE

noble

DNE

questing

DNE

upstream

needs-triage

Показывать по

Ссылки на источники

5.4 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2025-67856

CVSS3: 5.4
nvd
4 дня назад

A flaw was found in Moodle. An authorization logic flaw, specifically due to incomplete role checks during the badge awarding process, allowed badges to be granted without proper verification. This could enable unauthorized users to obtain badges they are not entitled to, potentially leading to privilege escalation or unauthorized access to certain features.

debian логотип

CVE-2025-67856

CVSS3: 5.4
debian
4 дня назад

A flaw was found in Moodle. An authorization logic flaw, specifically ...

github логотип

GHSA-hcm6-q6pc-xfhm

CVSS3: 5.4
github
4 дня назад

Moodle has an authorization logic flaw

5.4 Medium

CVSS3