
We found results for “”
CVE-2025-32045
Good to know:

Date: April 25, 2025
A flaw has been identified in Moodle where insufficient capability checks in certain grade reports allowed users without the necessary permissions to access hidden grades.
Severity Score
Related Resources (7)
Severity Score
Weakness Type (CWE)
Missing Authorization
CWE-862Top Fix

Upgrade Version
Upgrade to version moodle/moodle - v4.3.11;moodle/moodle - v4.4.7;moodle/moodle - v4.5.3;moodle/moodle - v4.1.17
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | LOW |
Integrity (I): | NONE |
Availability (A): | NONE |