Home

Description

A flaw was found in the course overview output function where user access permissions were not fully enforced. This could allow unauthorized users to view information about courses they should not have access to, potentially exposing limited course details.

PUBLISHED Reserved 2025-10-13 | Published 2025-10-23 | Updated 2025-10-23 | Assigner fedora




MEDIUM: 4.3CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Problem types

Improper Access Control

Product status

Default status
unaffected

5.0.0 (semver) before 5.0.3
affected

Timeline

2025-10-16:Reported to Red Hat.
2025-10-14:Made public.

Credits

Red Hat would like to thank Dani Palou for reporting this issue.

References

access.redhat.com/security/cve/CVE-2025-62393 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2404426 (RHBZ#2404426) issue-tracking

moodle.org/mod/forum/discuss.php?d=470381

cve.org (CVE-2025-62393)

nvd.nist.gov (CVE-2025-62393)

Download JSON