Description

A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability (LTI) Provider. The issue arises from the LTI authentication handlers failing to enforce the user's suspension status, enabling unauthorized access to the system. This can lead to information disclosure or other unauthorized actions by users who should be restricted.

Remediation

References

CVE-2025-67848

Related Vulnerabilities

WordPress Plugin Floating Chat Widget:Contact Chat Icons, Telegram Chat, Line, WeChat, Email, SMS, Call Button-Chaty Unspecified Vulnerability (2.0.5)

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-37914)

WordPress Plugin Downloads Manager Arbitrary File Upload (1.0)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5341)

WordPress Plugin Simple Events Calendar SQL Injection (1.3.5)

Severity

High

Classification

CVE-2025-67848 CWE-280 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Tags

Missing Update Known Vulnerabilities