{"id":1689,"date":"2025-04-25T12:34:56","date_gmt":"2025-04-25T12:34:56","guid":{"rendered":"http:\/\/localhost\/?p=1689"},"modified":"2025-04-25T12:34:56","modified_gmt":"2025-04-25T12:34:56","slug":"cve-2025-3625-moodle-user-dos-and-name-disclosure-via-idor-in-moodle-mfa-email-factor-revoke-action","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=1689","title":{"rendered":"CVE-2025-3625 Moodle: user dos and name disclosure via idor in moodle mfa email factor revoke action"},"content":{"rendered":"
\n

Vulnerability Details<\/h2>\n
\n

Basic Information<\/h3>\n\n\n\n\n\n\n
Title<\/th>\nCVE-2025-3625 Moodle: user dos and name disclosure via idor in moodle mfa email factor revoke action<\/td>\n<\/tr>\n
Type<\/th>\nvulnrichment<\/td>\n<\/tr>\n
Published<\/th>\n2025-04-25T14:42:39<\/td>\n<\/tr>\n
Last Seen<\/th>\n2025-04-25T16:40:33<\/td>\n<\/tr>\n
CVSS Score<\/th>\n7.1 (HIGH)<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVSS v3 Details<\/h3>\n\n\n\n\n\n\n\n\n\n
Attack Vector<\/th>\nNETWORK<\/td>\n<\/tr>\n
Attack Complexity<\/th>\nLOW<\/td>\n<\/tr>\n
Privileges Required<\/th>\nLOW<\/td>\n<\/tr>\n
User Interaction<\/th>\nNONE<\/td>\n<\/tr>\n
Scope<\/th>\nUNCHANGED<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\nLOW<\/td>\n<\/tr>\n
Integrity Impact<\/th>\nNONE<\/td>\n<\/tr>\n
Availability Impact<\/th>\nHIGH<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVE Information<\/h3>\n\n\n\n\n
CVE IDs<\/th>\nCVE-2025-3625<\/td>\n<\/tr>\n
CWE<\/th>\nCWE-639<\/td>\n<\/tr>\n
Bulletin Family<\/th>\ncve<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

Description<\/h3>\n
\n A security vulnerability was discovered in Moodle that can allow hackers to gain access to sensitive information about students and prevent them from logging into their accounts, even after they had completed two-factor…\n <\/div>\n<\/p><\/div>\n
\n

Impact Assessment<\/h3>\n\n\n\n
Base Score<\/th>\n7.1<\/td>\n<\/tr>\n
Severity<\/th>\nHIGH<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

View full CVE details<\/a><\/p>\n<\/p><\/div>\n<\/div>\n