CNNVD-202602-456 Information

CNNVD ID

CNNVD-202602-456

Related CVE

CVE-2025-67856

• CNNVD Published: 2026-02-03

Description (Chinese)

Moodle是Moodle开源的一套免费的电子学习软件平台，也称课程管理系统、学习管理系统或虚拟学习环境。 Moodle存在安全漏洞，该漏洞源于徽章授予过程中角色检查不完整，可能导致未经授权的用户获取徽章，从而引发权限提升或未经授权访问某些功能。

Description (English)

Moodle is an open-source, free-of-charge e-learning platform known as the curriculum management system, the learning management system or the virtual learning environment. There is a security loophole in Modle, which stems from the incomplete character checks during the badge award process, which may lead to unauthorized users gaining access to the badges, thus triggering a higher level of authority or unauthorized access to certain functions.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Moodle

Published

2026-02-03

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2025-67856 https://bugzilla.redhat.com/show_bug.cgi?id=2423864