Description

Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information.

Remediation

References

CVE-2025-62400

Related Vulnerabilities

MySQL CVE-2016-5442 Vulnerability (CVE-2016-5442)

WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.6)

PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1643)

WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups Unspecified Vulnerability (2.5.3)

ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-38040)

Severity

Medium

Classification

CVE-2025-62400 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities