Educational

In Moodle LMS version 4.0 a medium severity vulnerability CVE-2022-50943 was detected. This vulnerability allows an unauthenticated attacker to execute arbitrary scripts in a user’s browser and potentially steal session cookies (Cross-Site Scripting). This occurs because malicious payloads can be injected through the unescaped “search” parameter in the course/search.php file. There’s no fix available for this issue at the moment. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2022-50943.

In Moodle version 3.10.3 a high severity vulnerability CVE-2021-47857 was detected. This vulnerability allows attackers to inject malicious JavaScript into the calendar event subtitle (label) field, resulting in persistent cross-site scripting that executes arbitrary code when users view the affected event. Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2021-47857.

In Moodle versions 3.x through 3.11.18 a medium severity vulnerability CVE-2025-53021 was detected. This vulnerability allows unauthenticated attackers to hijack user sessions by obtaining and reusing the sesskey parameter within the OAuth2 login flow, resulting in full account takeover, and it affects only unsupported versions maintained by the developer. To address this issue, users should upgrade Moodle to versions 3.11.18 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-53021.

In Moodle versions 4.5 to 4.5.1, 4.4 to 4.4.5, 4.3 to 4.3.9, 4.1 to 4.1.15 and earlier a low severity vulnerability CVE-2025-26531 was detected. This vulnerability arises from insufficient capability checks within the badge management system, allowing attackers to exploit an Insecure Direct Object Reference (IDOR) and disable arbitrary badges. To address this issue, users should upgrade Moodle to versions 4.5.2, 4.4.6, 4.3.10 or 4.1.16. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-26531.

In Moodle version 4.5.0 a low severity vulnerability CVE-2025-26532 was detected. This vulnerability arises from insufficient checks in the glossary restoration process, allowing teachers to bypass trusttext configurations when restoring glossary entries. To address this issue, users should upgrade Moodle to version 4.5.2 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-26532.

In Moodle versions from 4.3.0-beta to 4.5.0-beta a high severity vulnerability CVE-2025-26533 was detected. This vulnerability arises from an SQL injection risk in the module list filter within the course search functionality, allowing attackers to manipulate SQL queries and potentially access sensitive data or compromise the system. To address this issue, users should upgrade Moodle to versions 4.5.2, 4.4.6, 4.3.10, or 4.1.16. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-26533.

In Moodle versions up to 4.1.15, 4.3.9, 4.4.5 and 4.5.1 a high severity vulnerability CVE-2025-26529 was detected. This vulnerability arises from insufficient sanitization of input in the Site Administration Live Log, leading to a stored Cross-Site Scripting (XSS) risk. To address this issue, users should upgrade Moodle to versions 4.1.16, 4.3.10, 4.4.6 or 4.5.2. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-26529.

In Moodle versions up to 4.5.1 a high severity vulnerability CVE-2025-26530 was detected. This vulnerability results from insufficient sanitization in the question bank filter, allowing attackers to craft malicious URLs that execute arbitrary JavaScript in the victim’s browser. To address this issue, users should upgrade Moodle to versions 4.5.2, 4.4.6 or 4.3.10. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-26530.

In Moodle versions up to 4.5.2 a medium severity vulnerability CVE-2025-26526 was detected. This vulnerability compromises the integrity of response viewing and deletion in Separate Groups mode within the platform’s feedback module. To address this issue, users should upgrade Moodle to versions 4.5.2 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-26526.