Unrated severityOSV Advisory· Published Oct 23, 2025· Updated Oct 23, 2025
Moodle: router produces json instead of 404 error for invalid course id
CVE-2025-62397
Description
The router’s inconsistent response to invalid course IDs allowed attackers to infer which course IDs exist, potentially aiding reconnaissance.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- access.redhat.com/security/cve/CVE-2025-62397mitrevdb-entryx_refsource_REDHAT
- bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT
News mentions
0No linked articles in our index yet.