Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-cghw-xbkf-juh9
Vulnerability ID VCID-cghw-xbkf-juh9
Aliases CVE-2025-62393
GHSA-rjcm-7v2p-9265
Summary Moodle course access permissions are not properly checked in course_output_fragment_course_overview A flaw was found in the course overview output function where user access permissions were not fully enforced. This could allow unauthorized users to view information about courses they should not have access to, potentially exposing limited course details.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-284 Improper Access Control
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2025-62393
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-rjcm-7v2p-9265
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2025-62393
https://bugzilla.redhat.com/show_bug.cgi?id=2404426
https://github.com/moodle/moodle
https://github.com/moodle/moodle/commit/fc69b4744ba0132cc3093fd81940be15bc293835
https://moodle.org/mod/forum/discuss.php?d=470381
CVE-2025-62393 https://access.redhat.com/security/cve/CVE-2025-62393
CVE-2025-62393 https://nvd.nist.gov/vuln/detail/CVE-2025-62393
GHSA-rjcm-7v2p-9265 https://github.com/advisories/GHSA-rjcm-7v2p-9265
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.15798
EPSS Score 0.00049
Published At May 30, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-30T21:04:31.273323+00:00 GitLab Importer Import https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2025-62393.yml 38.6.0