How severe is CVE-2025-62396?

CVE-2025-62396 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2025-62396

Name: moodle
Author: moodle

5.3MEDIUM

An error-handling issue in the Moodle router (r.php) could cause the application to display internal directory listings when specific HTTP headers were not properly configured.

Publicado: 10/23/2025Actualizado: 11/14/2025

Descripción

An error-handling issue in the Moodle router (r.php) could cause the application to display internal directory listings when specific HTTP headers were not properly configured.

Análisis IAImpulsado por IA

Productos Afectados

moodlemoodle

Referencias

https://access.redhat.com/security/cve/CVE-2025-62396
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2404429
Issue TrackingThird Party Advisory