CNNVD-202602-462 Information

CNNVD ID

CNNVD-202602-462

Related CVE

CVE-2025-67849

• CNNVD Published: 2026-02-03

Description (Chinese)

Moodle是Moodle开源的一套免费的电子学习软件平台，也称课程管理系统、学习管理系统或虚拟学习环境。 Moodle存在安全漏洞，该漏洞源于对AI提示响应的清理不当，可能导致跨站脚本攻击、会话窃取或用户界面被操纵。

Description (English)

Moodle is an open-source, free-of-charge e-learning platform known as the curriculum management system, the learning management system or the virtual learning environment. There is a security loophole in Moodle, which stems from inadequate clean-up of responses to AI alerts, which may lead to cross-site script attacks, session thefts or manipulation of the user interface.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Moodle

Published

2026-02-03

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2025-67849 https://bugzilla.redhat.com/show_bug.cgi?id=2423835