CVE-2025-3641

high

Description

A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled.

References

https://moodle.org/mod/forum/discuss.php?d=467602

https://bugzilla.redhat.com/show_bug.cgi?id=2359735

https://access.redhat.com/security/cve/CVE-2025-3641

Details

Source: Mitre, NVD

Published: 2025-04-25

Updated: 2025-04-25

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H