{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T07:22:54.697","vulnerabilities":[{"cve":{"id":"CVE-2025-67857","sourceIdentifier":"patrick@puiterwijk.org","published":"2026-02-03T11:15:56.090","lastModified":"2026-02-11T18:58:25.637","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in moodle. During anonymous assignment submissions, user identifiers were inadvertently exposed in URLs. This data exposure allows unauthorized viewers to see internal user IDs, compromising the intended anonymity and potentially leading to information disclosure."},{"lang":"es","value":"Se encontró una vulnerabilidad en Moodle. Durante las entregas de tareas anónimas, los identificadores de usuario se expusieron inadvertidamente en las URL. Esta exposición de datos permite a espectadores no autorizados ver los IDs de usuario internos, comprometiendo el anonimato previsto y potencialmente llevando a la revelación de información."}],"metrics":{"cvssMetricV31":[{"source":"patrick@puiterwijk.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"patrick@puiterwijk.org","type":"Secondary","description":[{"lang":"en","value":"CWE-201"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionEndExcluding":"4.1.21","matchCriteriaId":"E22203C1-B84A-4B29-9F54-426C9F9DF046"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0","versionEndExcluding":"4.4.11","matchCriteriaId":"CED60CDC-8F12-481C-9ADD-8559860A2B3C"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0","versionEndExcluding":"4.5.8","matchCriteriaId":"C0CC5CF8-4808-41A5-B8A1-B0D6C575E5DC"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndExcluding":"5.0.4","matchCriteriaId":"06F81442-AEEB-483D-90A9-93DDBA5B95D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:5.1.0:-:*:*:*:*:*:*","matchCriteriaId":"567FEE12-0E75-4F0C-B22E-E76990C80E1B"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2025-67857","source":"patrick@puiterwijk.org","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2423868","source":"patrick@puiterwijk.org","tags":["Third Party Advisory"]},{"url":"https://moodle.org/mod/forum/discuss.php?d=471307","source":"patrick@puiterwijk.org","tags":["Vendor Advisory"]}]}}]}