Miggo Logo

CVE-2025-32045: Moodle shows hidden grades to users without permission on some grade reports

5.3

CVSS Score
3.1

Basic Information

EPSS Score
0.12228%
Published
4/25/2025
Updated
4/25/2025
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
moodle/moodlecomposer< 4.1.174.1.17
moodle/moodlecomposer>= 4.3.0-beta, < 4.3.114.3.11
moodle/moodlecomposer>= 4.4.0-beta, < 4.4.74.4.7
moodle/moodlecomposer>= 4.5.0-beta, < 4.5.34.5.3

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis:
In progress

WAF Protection Rules

WAF Rule

* *l*w **s ***n i**nti*i** in Moo*l* w**r* insu**i*i*nt **p**ility ****ks in **rt*in *r*** r*ports *llow** us*rs wit*out t** n***ss*ry p*rmissions to ****ss *i***n *r***s.

Reasoning

No *n*lysis *v*il**l*