Moodle: course access permissions not properly checked in course_output_fragment_course_overview

4.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Description

A flaw was found in the course overview output function where user access permissions were not fully enforced. This could allow unauthorized users to view information about courses they should not have access to, potentially exposing limited course details.

Basic Information

ID CVE-2025-62393

Source fedora

Published Oct 23, 2025 at 11:28

Affected Product

Version 5.0.0

Affected Versions 5.0.0

CWE Classification

CWE-284

References

{
    "lastseen": "",
    "description": "A flaw was found in the course overview output function where user access permissions were not fully enforced. This could allow unauthorized users to view information about courses they should not have access to, potentially exposing limited course details.",
    "published": "2025-10-23T11:28:25.023Z",
    "modified": "2025-10-23T11:28:25.023Z",
    "type": "cve",
    "title": "Moodle: course access permissions not properly checked in course_output_fragment_course_overview",
    "source": "fedora",
    "references": "https://access.redhat.com/security/cve/CVE-2025-62393\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2404426",
    "id": "CVE-2025-62393",
    "bulletinFamily": "",
    "cwe": [
        "CWE-284"
    ],
    "cvelist": null,
    "sourceData": "  5.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 4.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "",
    "version": "5.0.0",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Moodle: course access permissions not properly checked in course_output_fragment_course_overview_CVE-2025-62393