Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-62400

Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information.

Published

2025-10-23T12:15:32.757

Last Modified

2025-11-14T19:07:37.553

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses
  • Type: Secondary
    CWE-200
  • Type: Primary
    NVD-CWE-noinfo
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application moodle moodle < 4.1.21 Yes
Application moodle moodle < 4.4.11 Yes
Application moodle moodle < 4.5.7 Yes
Application moodle moodle < 5.0.3 Yes
References