How severe is CVE-2025-62396?

CVE-2025-62396 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2025-62396

Name: moodle
Author: moodle

5.3MEDIUM

An error-handling issue in the Moodle router (r.php) could cause the application to display internal directory listings when specific HTTP headers were not properly configured.

Published: 10/23/2025Updated: 11/14/2025

Description

An error-handling issue in the Moodle router (r.php) could cause the application to display internal directory listings when specific HTTP headers were not properly configured.

AI AnalysisPowered by AI

Affected Products

moodlemoodle

References

https://access.redhat.com/security/cve/CVE-2025-62396
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2404429
Issue TrackingThird Party Advisory