CNNVD-202602-465 Information

CNNVD ID

CNNVD-202602-465

Related CVE

CVE-2025-67848

• CNNVD Published: 2026-02-03

Description (Chinese)

Moodle是Moodle开源的一套免费的电子学习软件平台，也称课程管理系统、学习管理系统或虚拟学习环境。 Moodle存在安全漏洞，该漏洞源于LTI身份验证处理程序未强制执行用户暂停状态，可能导致身份验证绕过、信息泄露或未经授权的操作。

Description (English)

Moodle is an open-source, free-of-charge e-learning platform known as the curriculum management system, the learning management system or the virtual learning environment. There is a security loophole in Modle, which stems from the fact that the LTI identity processing process does not enforce the user’s suspension, which may lead to the identification being bypassed, information leaked or unauthorized.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Moodle

Published

2026-02-03

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2025-67848 https://bugzilla.redhat.com/show_bug.cgi?id=2423831 https://moodle.org/mod/forum/discuss.php?d=471298