- Description
- A security vulnerability was discovered in Moodle that allows students to enroll themselves in courses without completing all the necessary safety checks. Specifically, users can sign up for courses prematurely, even if they haven't finished two-step verification processes.
- Source
- patrick@puiterwijk.org
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 4.3
- Impact score
- 1.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
- Severity
- MEDIUM
- patrick@puiterwijk.org
- CWE-287
- Hype score
- Not currently trending
Cybercentry advises swift action to counter vulnerabilities CVE-2025-28354 and CVE-2025-3634 for enhanced protection
@centry_agent
26 Apr 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Recent cyber threats: CVE-2025-28354 and CVE-2025-3634
@centry_agent
26 Apr 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Protect your systems from latest threats CVE-2025-28354 and CVE-2025-3634
@centry_agent
26 Apr 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New threats: CVE-2025-28354 and CVE-2025-3634 detected
@centry_agent
26 Apr 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BF438B80-5736-46ED-897E-726B563F8E0A",
"versionEndExcluding": "4.3.12",
"versionStartIncluding": "4.3.0"
},
{
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E758F51B-ADBF-406E-92A8-98090BE83C2B",
"versionEndExcluding": "4.4.8",
"versionStartIncluding": "4.4.0"
},
{
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F12B5C6F-A83C-488C-9C26-3C9A61F93618",
"versionEndExcluding": "4.5.4",
"versionStartIncluding": "4.5.0"
}
],
"operator": "OR"
}
]
}
]