CVE-2025-67848

Name of the Vulnerable Software and Affected Versions Moodle (affected versions not specified)

Description A flaw exists in Moodle that allows suspended users to authenticate through the Learning Tools Interoperability (LTI) Provider. The issue stems from LTI authentication handlers not enforcing user suspension status, resulting in unauthorized access. This could lead to information disclosure or other unauthorized actions. The vulnerable component is the LTI authentication handler. The affected API endpoint is the LTI Provider authentication endpoint.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.