Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2025-62397)

Description

The router’s inconsistent response to invalid course IDs allowed attackers to infer which course IDs exist, potentially aiding reconnaissance.

Remediation

References

Related Vulnerabilities

Java Unspesificed Vulnerability (CVE-2019-2422)

WordPress Plugin Translate Multilingual sites-TranslatePress Cross-Site Scripting (2.0.8)

WordPress Plugin YaySMTP-Simple WP SMTP Mail Cross-Site Scripting (2.2)

Liferay DXP Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2025-43766)

WordPress Plugin WP Open Graph Cross-Site Request Forgery (1.6.1)

Severity

Medium

Classification

CVE-2025-62397 CWE-209 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities