Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle Improper Access Control Vulnerability (CVE-2025-62393)

Description

A flaw was found in the course overview output function where user access permissions were not fully enforced. This could allow unauthorized users to view information about courses they should not have access to, potentially exposing limited course details.

Remediation

References

Related Vulnerabilities

Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33194)

ReviveAdserver Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2025-52671)

MySQL CVE-2015-0374 Vulnerability (CVE-2015-0374)

WordPress Plugin Google Drive for WordPress Information Disclosure (2.2)

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2197)

Severity

Medium

Classification

CVE-2025-62393 CWE-284 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities