Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2025-67849

A flaw was found in Moodle. This cross-site scripting (XSS) vulnerability, caused by improper sanitization of AI prompt responses, allows attackers to inject malicious HTML or script into web pages. When other users view these compromised pages, their sessions could be stolen, or the user interface could be manipulated.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.2%
CVSS Severity
CVSS v3 Score 7.3
Products affected by CVE-2025-67849
  • Moodle » Moodle » Version: 4.5.0
    cpe:2.3:a:moodle:moodle:4.5.0
  • Moodle » Moodle » Version: 4.5.1
    cpe:2.3:a:moodle:moodle:4.5.1
  • Moodle » Moodle » Version: 4.5.2
    cpe:2.3:a:moodle:moodle:4.5.2
  • Moodle » Moodle » Version: 4.5.3
    cpe:2.3:a:moodle:moodle:4.5.3
  • Moodle » Moodle » Version: 4.5.4
    cpe:2.3:a:moodle:moodle:4.5.4
  • Moodle » Moodle » Version: 4.5.5
    cpe:2.3:a:moodle:moodle:4.5.5
  • Moodle » Moodle » Version: 4.5.6
    cpe:2.3:a:moodle:moodle:4.5.6
  • Moodle » Moodle » Version: 4.5.7
    cpe:2.3:a:moodle:moodle:4.5.7
  • Moodle » Moodle » Version: 5.0.0
    cpe:2.3:a:moodle:moodle:5.0.0
  • Moodle » Moodle » Version: 5.0.1
    cpe:2.3:a:moodle:moodle:5.0.1
  • Moodle » Moodle » Version: 5.0.2
    cpe:2.3:a:moodle:moodle:5.0.2
  • Moodle » Moodle » Version: 5.0.3
    cpe:2.3:a:moodle:moodle:5.0.3
  • Moodle » Moodle » Version: 5.1.0
    cpe:2.3:a:moodle:moodle:5.1.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved