How severe is CVE-2025-62396?

CVE-2025-62396 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2025-62396

Name: moodle
Author: moodle

5.3MEDIUM

An error-handling issue in the Moodle router (r.php) could cause the application to display internal directory listings when specific HTTP headers were not properly configured.

Veröffentlicht: 10/23/2025Aktualisiert: 11/14/2025

Beschreibung

An error-handling issue in the Moodle router (r.php) could cause the application to display internal directory listings when specific HTTP headers were not properly configured.

KI-AnalyseKI-gestützt

Betroffene Produkte

moodlemoodle

Referenzen

https://access.redhat.com/security/cve/CVE-2025-62396
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2404429
Issue TrackingThird Party Advisory