CNNVD-202602-463 Information

CNNVD ID

CNNVD-202602-463

Related CVE

CVE-2025-67851

• CNNVD Published: 2026-02-03

Description (Chinese)

Moodle是Moodle开源的一套免费的电子学习软件平台，也称课程管理系统、学习管理系统或虚拟学习环境。 Moodle存在安全漏洞，该漏洞源于数据字段导出时未正确转义，可能导致公式注入攻击，从而破坏数据完整性并在电子表格中执行意外操作。

Description (English)

Moodle is an open-source, free-of-charge e-learning platform known as the curriculum management system, the learning management system or the virtual learning environment. There is a security loophole in Moodle, which stems from the incorrect transposition of the data fields when they are exported, which may lead to a formula being injected into an attack, thereby undermining the integrity of the data and performing an accidental operation in spreadsheets.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Moodle

Published

2026-02-03

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2025-67851 https://bugzilla.redhat.com/show_bug.cgi?id=2423841 https://moodle.org/mod/forum/discuss.php?d=471301