CNNVD-202602-459 Information

CNNVD ID

CNNVD-202602-459

Related CVE

CVE-2025-67855

• CNNVD Published: 2026-02-03

Description (Chinese)

Moodle是Moodle开源的一套免费的电子学习软件平台，也称课程管理系统、学习管理系统或虚拟学习环境。 Moodle存在安全漏洞，该漏洞源于策略工具返回URL中对URL参数清理不足，可能导致反射型跨站脚本攻击，从而引发信息泄露或在用户浏览器中执行任意客户端脚本。

Description (English)

Moodle is an open-source, free-of-charge e-learning platform known as the curriculum management system, the learning management system or the virtual learning environment. Modle has a security loophole, which stems from the inadequate clearance of URL parameters in the return of strategic tools in URLs, which may lead to a reflective cross-site script attack, thus causing a leak of information or the execution of random client scripts in the user browser.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Moodle

Published

2026-02-03

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2025-67855 https://bugzilla.redhat.com/show_bug.cgi?id=2423861