CVE-2025-3635 Information

Description

A security vulnerability was discovered in Moodle that allows anyone to duplicate existing tours without needing to log in due to a lack of protection against cross-site request forgery (CSRF) attacks.

Reference

https://access.redhat.com/security/cve/CVE-2025-3635 https://bugzilla.redhat.com/show_bug.cgi?id=2359709