A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data.
Metrics
Affected Vendors & Products
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Thu, 23 Oct 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 23 Oct 2025 11:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data. | |
Title | Moodle: external cohort search service leaks system cohort data | |
Weaknesses | CWE-284 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: fedora
Published:
Updated: 2025-10-23T14:43:09.806Z
Reserved: 2025-10-13T10:12:30.925Z
Link: CVE-2025-62395

Updated: 2025-10-23T14:43:01.832Z

Status : Received
Published: 2025-10-23T12:15:31.747
Modified: 2025-10-23T12:15:31.747
Link: CVE-2025-62395

No data.

No data.