CVE-2025-67852 | THREATINT

Description

A flaw was found in Moodle. An open redirect vulnerability in the OAuth login flow allows a remote attacker to redirect users to attacker-controlled pages after they have successfully authenticated. This occurs due to insufficient validation of redirect parameters, which could lead to phishing attacks or information disclosure.

PUBLISHED Reserved 2025-12-12 | Published 2026-02-03 | Updated 2026-02-03 | Assigner fedora

LOW: 3.5CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

Problem types

URL Redirection to Untrusted Site ('Open Redirect')

Product status

Default status

unaffected

4.1.0 (semver) before 4.1.22

affected

4.4.0 (semver) before 4.4.12

affected

4.5.0 (semver) before 4.5.8

affected

5.0.0 (semver) before 5.0.4

affected

5.1.0 (semver) before 5.1.1

affected

Timeline

2025-12-19:	Reported to Red Hat.
2025-12-15:	Made public.

Credits

Red Hat would like to thank Paolo Lazzaroni for reporting this issue.

References

access.redhat.com/security/cve/CVE-2025-67852 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2423844 (RHBZ#2423844) issue-tracking

cve.org (CVE-2025-67852)

nvd.nist.gov (CVE-2025-67852)

Download JSON

help @ threatint.eu