5.4
CVE-2025-62401
- EPSS 0.04%
- Veröffentlicht 23.10.2025 11:29:32
- Zuletzt bearbeitet 14.11.2025 19:03:27
- Quelle patrick@puiterwijk.org
- CVE-Watchlists
- Unerledigt
Moodle: possible to bypass timer in timed assignments
Possible to bypass timer in timed assignments
An issue in Moodle’s timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment.
Mögliche Gegenmaßnahme
Moodle Server: Update to a patched version.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginWeitere Schwachstelleninformationen
SystemMoodle
≫
Produkt
Moodle Server
Version
< 4.1.0
Version
>= 5.0.0, < 5.0.3
Version
>= 4.5.0, < 4.5.7
Version
>= 4.4.0, < 4.4.11
Version
>= 4.1.0, < 4.1.21
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.136 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
|
| patrick@puiterwijk.org | 5.4 | 2.8 | 2.5 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
|
CWE-285 Improper Authorization
The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.