Plataforma
php
Componente
moodle/moodle
Corrigido em
4.5.4
4.4.8
4.3.12
4.1.18
4.1.18
CVE-2025-3635 is a Cross-Site Request Forgery (CSRF) vulnerability identified in Moodle. This flaw allows unauthenticated attackers to duplicate existing tours within the Moodle platform, potentially leading to unauthorized content modification or disruption. The vulnerability affects Moodle versions up to and including 4.1.9. A fix is available in version 4.1.18.
The primary impact of this CSRF vulnerability lies in the ability of an attacker to create unauthorized copies of existing tours. Tours are often used to guide new users through Moodle's features or provide structured learning paths. An attacker could leverage this to create misleading or malicious tours, potentially confusing users or disrupting the learning experience. While the impact is considered LOW due to the lack of direct data compromise, the potential for disruption and reputational damage should not be underestimated. The duplication could also be used to create a large number of tours, potentially impacting Moodle's performance.
CVE-2025-3635 was published on April 25, 2025. The vulnerability's CVSS score is LOW (3.5), indicating a relatively low probability of exploitation. There are currently no publicly known Proof-of-Concept (POC) exploits. It is not listed on KEV or EPSS, suggesting a low level of active exploitation. Monitor security advisories and community forums for any updates regarding exploitation attempts.
Status do Exploit
EPSS
0.12% (percentil 31%)
CISA SSVC
Vetor CVSS
The recommended mitigation for CVE-2025-3635 is to upgrade Moodle to version 4.1.18 or later. If upgrading immediately is not possible, consider implementing a temporary workaround by enabling CSRF protection for tour duplication functionality. This might involve custom code or plugins, depending on Moodle's architecture and available extensions. Review existing tour configurations and monitor for any unexpected duplication activity. Consider implementing a Web Application Firewall (WAF) rule to filter out suspicious requests targeting the tour duplication endpoint.
Atualize o Moodle para a última versão disponível. As versões 4.5.4, 4.4.8, 4.3.12 e 4.1.18 corrigem a vulnerabilidade CSRF que permite a duplicação não autorizada de tours. A atualização previne a exploração desta vulnerabilidade.
Análise de vulnerabilidades e alertas críticos diretamente no seu e-mail.
CVE-2025-3635 is a Cross-Site Request Forgery (CSRF) vulnerability in Moodle versions up to 4.1.9, allowing unauthorized tour duplication without login.
You are affected if you are running Moodle versions 4.1.9 or earlier. Upgrade to 4.1.18 or later to resolve the vulnerability.
Upgrade Moodle to version 4.1.18 or later. As a temporary workaround, consider enabling CSRF protection for tour duplication functionality.
Currently, there are no publicly known Proof-of-Concept exploits or reports of active exploitation, but ongoing monitoring is recommended.
Refer to the official Moodle security advisory at [https://security.moodle.org/ - replace with actual URL when available].
Envie seu arquivo de dependências e descubra na hora se esta e outras CVEs te atingem.