VYPR
Moderate severityOSV Advisory· Published Oct 23, 2025· Updated Oct 23, 2025

Moodle: hidden group names visible to event creators

CVE-2025-62400

Description

Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
moodle/moodlePackagist
>= 5.0.0-beta, < 5.0.35.0.3
moodle/moodlePackagist
>= 4.5.0-beta, < 4.5.74.5.7
moodle/moodlePackagist
>= 4.2.0-beta, < 4.4.114.4.11
moodle/moodlePackagist
< 4.1.214.1.21

Affected products

3

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.