GHSA-8JRV-WX83-W3XJ Moodle Inserts Sensitive Information Into Sent Data

A flaw was found in moodle. During anonymous assignment submissions, user identifiers were inadvertently exposed in URLs. This data exposure allows unauthorized viewers to see internal user IDs, compromising the intended anonymity and potentially leading to information disclosure...

Insertion of Sensitive Information Into Sent Data

Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the urls during anonymous assignment submissions. An attacker can access internal user identifiers by viewing exposed URLs, which may compromise...

CVE-2025-67857

A flaw was found in moodle. During anonymous assignment submissions, user identifiers were inadvertently exposed in URLs. This data exposure allows unauthorized viewers to see internal user IDs, compromising the intended anonymity and potentially leading to information disclosure...

CVE-2025-67857

A flaw was found in moodle. During anonymous assignment submissions, user identifiers were inadvertently exposed in URLs. This data exposure allows unauthorized viewers to see internal user IDs, compromising the intended anonymity and potentially leading to information disclosure...

UBUNTU-CVE-2025-67857

A flaw was found in moodle. During anonymous assignment submissions, user identifiers were inadvertently exposed in URLs. This data exposure allows unauthorized viewers to see internal user IDs, compromising the intended anonymity and potentially leading to information disclosure...

PT-2026-5965

Name of the Vulnerable Software and Affected Versions Moodle affected versions not specified Description A flaw exists in Moodle where user identifiers are exposed in URLs during anonymous assignment submissions. This exposure compromises the intended anonymity and could lead to information...