CVE-2025-3628
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Apr 25, 2025
Updated: Apr 29, 2025
CWE ID 200
Summary
CVE-2025-3628 is a vulnerability affecting the Moodle learning management system. Anonymity in assignment submissions can be compromised, allowing unauthorized users to de-anonymize students' identities through search functions. This issue poses a significant risk to the privacy of students, potentially leading to identity theft or other malicious activities. It is crucial that affected Moodle installations are updated as soon as possible to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Moodle
Affected Vendors
- Moodle