Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2025-62397)

Description

The router’s inconsistent response to invalid course IDs allowed attackers to infer which course IDs exist, potentially aiding reconnaissance.

Remediation

References

Related Vulnerabilities

WebLogic Improper Input Validation Vulnerability (CVE-2021-44832)

Python Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2183)

WordPress Plugin HTML5 Video Player with Playlist Multiple Cross-Site Scripting Vulnerabilities (2.40)

WordPress Plugin Price Commander for WooCommerce Security Bypass (1.2.2)

SharePoint Out-of-bounds Write Vulnerability (CVE-2012-2539)

Severity

Medium

Classification

CVE-2025-62397 CWE-209 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities