CVE-2025-3628

A flaw has was found in Moodle where anonymous assignment submissions can be de-anonymized via search, revealing student identities.
Configurations

Configuration 1 (hide)

cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*

History

24 Jun 2025, 16:19

Type Values Removed Values Added
CPE cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
First Time Moodle moodle
Moodle
References () https://access.redhat.com/security/cve/CVE-2025-3628 - () https://access.redhat.com/security/cve/CVE-2025-3628 - Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2359706 - () https://bugzilla.redhat.com/show_bug.cgi?id=2359706 - Issue Tracking

29 Apr 2025, 13:52

Type Values Removed Values Added
Summary
  • (es) Se encontró una falla en Moodle que permite desanonimizar las entregas de tareas anónimas mediante una búsqueda, revelando así la identidad de los estudiantes.

25 Apr 2025, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-04-25 15:15

Updated : 2025-06-24 16:19


NVD link : CVE-2025-3628

Mitre link : CVE-2025-3628

CVE.ORG link : CVE-2025-3628


JSON object : View

Products Affected

moodle

  • moodle
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor