Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-3625

A security vulnerability was discovered in Moodle that can allow hackers to gain access to sensitive information about students and prevent them from logging into their accounts, even after they had completed two-factor authentication (2FA).

Published

2025-04-25T15:15:36.753

Last Modified

2025-06-24T16:17:15.723

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.1 (HIGH)

Weaknesses

Type: Secondary
CWE-639

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	moodle	moodle	< 4.3.12	Yes
Application	moodle	moodle	< 4.4.8	Yes
Application	moodle	moodle	< 4.5.4	Yes

References

https://access.redhat.com/security/cve/CVE-2025-3625 Third Party Advisory ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=2359690 Issue Tracking ([email protected])