Insufficient Capability Checks in Moodle Affect User Grade Access
CVE-2025-32045

Currently unrated

Key Information:

Vendor

Moodle
Status
Vendor
CVE Published:
25 April 2025

What is CVE-2025-32045?

A flaw in Moodle has been discovered where inadequate capability checks in specific grade reports can lead to unauthorized access. This vulnerability allows users without proper permissions to view hidden grades, potentially exposing sensitive academic information. It highlights the importance of robust permission validations to secure user data effectively.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://access.redhat.com/security/cve/CVE-2025-32045
vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2356835
issue-trackingx_refsource_REDHAT

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Red Hat would like to thank Ilya Tregubov for reporting this issue.
JSON
.