Lucene search
+L

7 matches found

osv
osv
added 2026/02/12 8:51 a.m.6 views

BIT-MOODLE-2025-67853 Moodle: moodle: brute-force facilitation due to missing rate limiting in confirmation email service

A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks against user accounts...

7.5CVSS5.6AI score0.00417EPSS
Exploits0References3
snyk
snyk
added 2026/02/03 11:48 a.m.2 views

Brute Force

Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Brute Force via the confirmation email web service. An attacker can gain unauthorized access to sensitive information by sending repeated authentication attempts without proper rate limiting, enabli...

8.7CVSS5.5AI score0.00417EPSS
Exploits0References2
nvd
nvd
added 2026/02/03 11:15 a.m.10 views

CVE-2025-67853

A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks against user accounts...

7.5CVSS0.00417EPSS
Exploits0References2
osv
osv
added 2026/02/03 11:15 a.m.7 views

UBUNTU-CVE-2025-67853

A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks against user accounts...

7.5CVSS5.8AI score0.00417EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/02/03 10:52 a.m.3 views

CVE-2025-67853 Moodle: moodle: brute-force facilitation due to missing rate limiting in confirmation email service

A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks against user accounts...

7.5CVSS5.5AI score0.00417EPSS
Exploits0References2
cve
cve
added 2026/02/03 10:52 a.m.88 views

CVE-2025-67853

CVE-2025-67853 concerns Moodle and is supported by multiple sources in the provided documents. The vulnerability is caused by a lack of proper rate limiting in Moodle’s confirmation email service, which can enable attackers to enumerate or guess user credentials, facilitating brute-force attacks ...

7.5CVSS5.5AI score0.00417EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/02/03 10:52 a.m.34 views

CVE-2025-67853 Moodle: moodle: brute-force facilitation due to missing rate limiting in confirmation email service

A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks against user accounts...

7.5CVSS0.00417EPSS
Exploits0References2
Rows per page
Query Builder