Platform
php
Component
moodle/moodle
Fixed in
4.5.4
4.4.8
4.3.12
4.1.18
CVE-2025-3638 describes a Cross-Site Request Forgery (CSRF) vulnerability discovered in the Brickfield tool within Moodle. The flaw allows an attacker to trigger unintended actions on a user's account if that user is tricked into clicking a malicious link. The vulnerability impacts Moodle versions up to 4.1.9, and a patch is available in version 4.1.18.
The CSRF vulnerability in Moodle's Brickfield tool allows an attacker to craft requests that appear to originate from a legitimate, authenticated user. If successful, an attacker could modify user settings, enroll users in courses, or perform other actions as that user. The scope of impact depends on the permissions of the affected user account. While the CVSS score is LOW, the widespread use of Moodle and the potential for automated exploitation make this a significant concern. Successful exploitation could lead to unauthorized data modification and disruption of learning activities.
CVE-2025-3638 was publicly disclosed on 2025-04-25. There are currently no known public exploits or active campaigns targeting this vulnerability, and it is not listed in the CISA KEV catalog. The LOW CVSS score suggests a relatively low probability of exploitation, but the widespread use of Moodle warrants proactive mitigation.
Exploit status
EPSS
0.14% (34th percentile)
The primary mitigation for CVE-2025-3638 is to upgrade Moodle to version 4.1.18 or later, which includes the fix. If an immediate upgrade is not possible, apply temporary mitigations: a Web Application Firewall (WAF) can be configured to filter requests containing suspicious parameters or patterns associated with the Brickfield tool, and all user input to the Brickfield tool should be validated and sanitized before it is processed. Consider also enforcing stricter CSRF protection mechanisms throughout the Moodle installation, so that every state-changing request must carry a secret, per-session token that a cross-site link cannot supply.
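The following added example illustrates the general anti-CSRF control the advisory refers to (a synchronizer token bound to the user's session and checked on every state-changing request). It is generic PHP written for this page, not Moodle's or the Brickfield tool's own code; the function names, the `csrf_token` form field and the simulated requests are assumptions for the illustration.

```php
<?php
// Added illustration of the synchronizer-token pattern against CSRF.
// Generic example, not Moodle's code; names and field layout are assumed.
declare(strict_types=1);

session_start();

// Issue one unpredictable token per session and reuse it for all forms.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Render the hidden field that every state-changing form must include.
function csrf_field(): string
{
    $token = htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8');
    return '<input type="hidden" name="csrf_token" value="' . $token . '">';
}

// Validate the submitted token against the session copy.
// hash_equals() compares in constant time and fails closed on a missing token.
function csrf_check(array $post): bool
{
    $expected = $_SESSION['csrf_token'] ?? '';
    $given    = (string) ($post['csrf_token'] ?? '');
    return $expected !== '' && hash_equals($expected, $given);
}

// Hardened request handler: a state change is only performed when the
// request is a POST and carries a valid token. A link or auto-submitted
// form on an attacker's site cannot read the victim's token, so it fails here.
function handle_action(string $method, array $post): string
{
    if ($method !== 'POST' || !csrf_check($post)) {
        http_response_code(403);
        return 'rejected: missing or invalid CSRF token';
    }
    $action = (string) ($post['action'] ?? '');
    $id     = (int) ($post['id'] ?? 0);
    // ... perform the real, permission-checked action here ...
    return "performed '{$action}' on item {$id}";
}

// Simulated requests (constructed for the illustration):
// 1. A forged cross-site request that has no token.
echo handle_action('POST', ['action' => 'disable', 'id' => 42]), PHP_EOL;
// 2. A legitimate submission from a form rendered with csrf_field().
echo handle_action('POST', [
    'action'     => 'disable',
    'id'         => 42,
    'csrf_token' => csrf_token(),
]), PHP_EOL;
```

The check belongs in every handler that changes state, not only where a problem has been reported: a token that is merely present in the page but not verified on the server provides no protection.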
Update Moodle to the latest available version. Versions 4.5.4, 4.4.8, 4.3.12 and 4.1.18 fix the CSRF vulnerability in the Brickfield tool. This prevents attackers from performing unauthorized actions on behalf of authenticated users.
CVE-2025-3638 is a Cross-Site Request Forgery (CSRF) vulnerability in Moodle's Brickfield tool that allows attackers to perform unauthorized actions if a user clicks a malicious link. It affects versions up to 4.1.9.
You are affected if you are running Moodle version 4.1.9 or earlier. Check your Moodle version and upgrade immediately to mitigate the risk.
Upgrade Moodle to version 4.1.18 or later to resolve the vulnerability. If upgrading is not immediately possible, consider temporary workarounds such as restricting access to the Brickfield tool.
As of April 25, 2025, there are no publicly known active campaigns exploiting CVE-2025-3638, and no public PoC code has been released.
Refer to the official Moodle security advisory for CVE-2025-3638 on the Moodle website: [https://security.moodle.org/ (replace with actual link when available)].