CVE-2025-24556

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 3, 2025

CWE ID 532

Summary

CVE-2025-24556 is a log file vulnerability affecting Moodle's DualCube component, version n/a through 3.2.4. An attacker can insert sensitive information into the log file, enabling retrieval of embedded sensitive data. This issue may pose a significant risk to system security and confidentiality. Organizations using Moodle with DualCube are urged to update to a patched version as soon as possible to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2ums_t
https://www.cve.org/CVERecord?id=CVE-2025-24556
https://nvd.nist.gov/vuln/detail/CVE-2025-24556

Back to Vulnerability Database

CVE-2025-24556

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations