How severe is CVE-2025-62396?

CVE-2025-62396 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2025-62396

Name: moodle
Author: moodle

5.3MEDIUM

An error-handling issue in the Moodle router (r.php) could cause the application to display internal directory listings when specific HTTP headers were not properly configured.

Publicado: 10/23/2025Atualizado: 11/14/2025

Descrição

An error-handling issue in the Moodle router (r.php) could cause the application to display internal directory listings when specific HTTP headers were not properly configured.

Análise IADesenvolvido por IA

Produtos Afetados

moodlemoodle

Referências

https://access.redhat.com/security/cve/CVE-2025-62396
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2404429
Issue TrackingThird Party Advisory