CNNVD-202602-457 Information
CNNVD ID
CNNVD-202602-457
Related CVE
- CNNVD Published: 2026-02-03
Description (Chinese)
Moodle是Moodle开源的一套免费的电子学习软件平台,也称课程管理系统、学习管理系统或虚拟学习环境。 moodle存在安全漏洞,该漏洞源于匿名作业提交期间用户标识符在URL中意外暴露,可能导致未经授权的查看者看到内部用户ID,从而破坏预期的匿名性并可能导致信息泄露。
Description (English)
Moodle is an open-source, free-of-charge e-learning platform known as the curriculum management system, the learning management system or the virtual learning environment. There is a security loophole in the moodle, which stems from the accidental exposure of the user identifier in the URL during the anonymous submission of the operation, which may result in unauthorized viewers seeing the internal user ID, thereby undermining the desired anonymity and may lead to the disclosure of information.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Moodle
Published
2026-02-03
Last Modified
2026-02-24
References
https://access.redhat.com/security/cve/CVE-2025-67857 https://bugzilla.redhat.com/show_bug.cgi?id=2423868 https://moodle.org/mod/forum/discuss.php?d=471307
Share on: