CVE-2025-67852

Name of the Vulnerable Software and Affected Versions Moodle (affected versions not specified)

Description A flaw exists in Moodle that allows a remote attacker to redirect users to attacker-controlled pages after successful authentication. This is due to insufficient validation of redirect parameters within the OAuth login flow, potentially leading to phishing attacks or information disclosure. The issue involves an open redirect.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.