Insufficient Capability Checks in Moodle Leading to Unauthorized RSS Feed Access
CVE-2025-3636

Currently unrated

Key Information:

Vendor

Moodle
Status
Vendor
CVE Published:
25 April 2025

What is CVE-2025-3636?

A vulnerability in Moodle allows unauthorized users to access and view sensitive RSS feeds due to inadequate capability checks. This flaw may expose information that should remain restricted to authenticated users, posing a risk to privacy and data integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=...
https://access.redhat.com/security/cve/CVE-2025-3636
vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2359726
issue-trackingx_refsource_REDHAT

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Red Hat would like to thank Vincent Schneider for reporting this issue.
JSON
.