CVE-2025-26529

Published Feb 24, 2025

Last updated 8 months ago

CVSS high 8.3
Moodle

Overview

Description
Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk.
Source
patrick@puiterwijk.org
NVD status
Analyzed
Products
moodle

Risk scores

CVSS 3.1

Type
Primary
Base score
6.1
Impact score
2.7
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Severity
MEDIUM

Weaknesses

patrick@puiterwijk.org
CWE-79

Social media

Hype score
Not currently trending

  1. 🚨CVE-2025-26529: Moodle XSS to RCE Exploit Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk. https://t.co/oWD0mOVHOH

    @DarkWebInformer

    2 Jan 2026

    14722 Impressions

    35 Retweets

    284 Likes

    135 Bookmarks

    5 Replies

    0 Quotes

  2. Top 5 Trending CVEs: 1 - CVE-2025-3776 2 - CVE-2025-31125 3 - CVE-2025-31161 4 - CVE-2018-17144 5 - CVE-2025-26529 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    5 May 2025

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Top 5 Trending CVEs: 1 - CVE-2025-3776 2 - CVE-2024-26809 3 - CVE-2025-46337 4 - CVE-2025-26529 5 - CVE-2025-32433 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    4 May 2025

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. "PoC for CVE-2025-26529: Moodle XSS to RCE Exploit" Credit: https://t.co/fCGtS6Uzqq https://t.co/Nw5oUdiDSn

    @DarkWebInformer

    2 May 2025

    14640 Impressions

    44 Retweets

    226 Likes

    162 Bookmarks

    2 Replies

    0 Quotes

  5. CVE-2025-26529 Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk. https://t.co/qTjErE7N8w

    @CVEnew

    24 Feb 2025

    383 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  6. [CVE-2025-26529: HIGH] Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk.#cybersecurity,#vulnerability https://t.co/0Gq1sG4pS8 https://t.co/4i52bSs3ut

    @CveFindCom

    24 Feb 2025

    28 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. 🚨 Admin #Account Takeover in Moodle! [#CVE-2025-26529] https://t.co/1ifN7Qdiu2

    @UndercodeUpdate

    23 Feb 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. A vulnerability was found in a Moodle TeX filter administrative setting where insufficient sanitization of configuration input could allow command injection. On sites where the TeX filter is enabled and ImageMagick is installed, a maliciously crafted setting value entered by an administrator could result in unintended system command execution. While exploitation requires administrative privileges, successful compromise could affect the entire Moodle server.CVE-2026-26046
  2. A denial-of-service vulnerability was identified in Moodle’s TeX formula editor. When rendering TeX content using mimetex, insufficient execution time limits could allow specially crafted formulas to consume excessive server resources. An authenticated user could abuse this behavior to degrade performance or cause service interruption.CVE-2026-26047
  3. A flaw was identified in Moodle’s backup restore functionality where specially crafted backup files were not properly validated during processing. If a malicious backup file is restored, it could lead to unintended execution of server-side code. Since restore capabilities are typically available to privileged users, exploitation requires authenticated access. Successful exploitation could result in full compromise of the Moodle server.CVE-2026-26045
  4. A flaw was found in moodle. During anonymous assignment submissions, user identifiers were inadvertently exposed in URLs. This data exposure allows unauthorized viewers to see internal user IDs, compromising the intended anonymity and potentially leading to information disclosure.CVE-2025-67857
  5. A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting (XSS), occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject malicious code into these fields. When other users view these expressions, the malicious code would execute in their web browsers, potentially compromising their data or leading to unauthorized actions.CVE-2025-67850

References

Sources include official advisories and independent security research.