CVE-2025-67851 Moodle: moodle: formula injection allows arbitrary formula execution via unescaped data export

🗓️ 03 Feb 2026 10:52:06Reported by fedoraType

Moodle formula injection via unescaped data export enables arbitrary formulas when opened in a spreadsheet.

Reporter	Title	Published	Views	Family All 19
ATTACKERKB	CVE-2025-67851	3 Feb 202610:52	–	attackerkb
CNNVD	Moodle 安全漏洞	3 Feb 202600:00	–	cnnvd
CVE	CVE-2025-67851	3 Feb 202610:52	–	cve
EUVD	EUVD-2025-206735	3 Feb 202610:52	–	euvd
Github Security Blog	Moodle formula injection vulnerability	3 Feb 202612:30	–	github
NVD	CVE-2025-67851	3 Feb 202611:15	–	nvd
OpenVAS	Moodle Multiple Vulnerabilities (Dec 2025)	22 Dec 202500:00	–	openvas
OSV	BIT-MOODLE-2025-67851 Moodle: moodle: formula injection allows arbitrary formula execution via unescaped data export	12 Feb 202608:51	–	osv
OSV	CVE-2025-67851	3 Feb 202611:15	–	osv
OSV	GHSA-QFH6-H7J6-FVJV Moodle formula injection vulnerability	3 Feb 202612:30	–	osv

[
  {
    "versions": [
      {
        "status": "affected",
        "version": "4.1.0",
        "lessThan": "4.1.22",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "4.4.0",
        "lessThan": "4.4.12",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "4.5.0",
        "lessThan": "4.5.8",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "5.0.0",
        "lessThan": "5.0.4",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "5.1.0",
        "lessThan": "5.1.1",
        "versionType": "semver"
      }
    ],
    "packageName": "moodle",
    "collectionURL": "https://github.com/moodle/moodle/",
    "defaultStatus": "unaffected"
  }
]

Source	Link
moodle	www.moodle.org/mod/forum/discuss.php
access	www.access.redhat.com/security/cve/CVE-2025-67851
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

03 Feb 2026 10:52Current

CVSS 3.16.1

EPSS0.00251

CWE-1236