CVE-2025-3628

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Apr 25, 2025
Updated: Apr 29, 2025
CWE ID 200

Summary

CVE-2025-3628 is a vulnerability affecting the Moodle learning management system. Anonymity in assignment submissions can be compromised, allowing unauthorized users to de-anonymize students' identities through search functions. This issue poses a significant risk to the privacy of students, potentially leading to identity theft or other malicious activities. It is crucial that affected Moodle installations are updated as soon as possible to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share