CVE-2025-3642

High

Description

A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS EQUELLA repository. By default, this was only available to teachers and managers on sites with the EQUELLA repository enabled.

References

https://moodle.org/mod/forum/discuss.php?d=467603

https://bugzilla.redhat.com/show_bug.cgi?id=2359738

https://access.redhat.com/security/cve/CVE-2025-3642

Details

Source: Mitre, NVD

Published: 2025-04-25

Updated: 2025-04-29

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00154