CVE-2025-26525

Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available (such as those with TeX Live installed).

CVSS v3 8.6 HIGH

8.6^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84136	Patch
https://moodle.org/mod/forum/discuss.php?d=466141	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:moodle:moodle::::::::
	cpe:2.3:a:moodle:moodle::::::::
	cpe:2.3:a:moodle:moodle::::::::
	cpe:2.3:a:moodle:moodle::::::::

History

08 Aug 2025, 19:41

Type	Values Removed	Values Added
References	~~() https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84136 -~~	() https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84136 - Patch
References	~~() https://moodle.org/mod/forum/discuss.php?d=466141 -~~	() https://moodle.org/mod/forum/discuss.php?d=466141 - Vendor Advisory
Summary		(es) Una depuración insuficiente en el filtro de notación TeX resultó en un riesgo de lectura arbitraria de archivos en sitios donde pdfTeX esté disponible (como aquellos con TeX Live instalado).
First Time		Moodle moodle Moodle
CPE		cpe:2.3:a:moodle:moodle::::::::

24 Feb 2025, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-02-24 20:15

Updated : 2025-08-08 19:41

NVD link : CVE-2025-26525

Mitre link : CVE-2025-26525

CVE.ORG link : CVE-2025-26525

JSON object : View

Products Affected

moodle

moodle

CWE

CWE-552

Files or Directories Accessible to External Parties

{"id": "CVE-2025-26525", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "patrick@puiterwijk.org", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 4.0, "exploitabilityScore": 3.9}]}, "published": "2025-02-24T20:15:33.103", "references": [{"url": "https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84136", "tags": ["Patch"], "source": "patrick@puiterwijk.org"}, {"url": "https://moodle.org/mod/forum/discuss.php?d=466141", "tags": ["Vendor Advisory"], "source": "patrick@puiterwijk.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "patrick@puiterwijk.org", "description": [{"lang": "en", "value": "CWE-552"}]}], "descriptions": [{"lang": "en", "value": "Insufficient sanitizing in the TeX notation filter resulted in an \narbitrary file read risk on sites where pdfTeX is available (such as \nthose with TeX Live installed)."}, {"lang": "es", "value": " Una depuraci\u00f3n insuficiente en el filtro de notaci\u00f3n TeX result\u00f3 en un riesgo de lectura arbitraria de archivos en sitios donde pdfTeX est\u00e9 disponible (como aquellos con TeX Live instalado)."}], "lastModified": "2025-08-08T19:41:25.927", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABE6D6ED-55D3-46B4-84DC-7C3684E3260E", "versionEndExcluding": "4.1.16", "versionStartIncluding": "4.1.0"}, {"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3DF83192-5999-4E1B-B109-A1B0F68437B2", "versionEndExcluding": "4.3.10", "versionStartIncluding": "4.3.0"}, {"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B91CC5BB-FFB9-4D09-9001-105A8B68208E", "versionEndExcluding": "4.4.6", "versionStartIncluding": "4.4.0"}, {"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "830F7FD6-3257-44A2-9599-2C5C2FF2BA20", "versionEndExcluding": "4.5.2", "versionStartIncluding": "4.5.0"}], "operator": "OR"}]}], "sourceIdentifier": "patrick@puiterwijk.org"}