Description

A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting (XSS) vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links. Successful exploitation could lead to information disclosure or arbitrary client-side script execution within the user's browser.

INFO

Published Date :

2026-02-03T10:52:15.809Z

Last Modified :

2026-02-03T15:43:19.863Z

Source :

fedora
AFFECTED PRODUCTS

The following products are affected by CVE-2025-67855 vulnerability.

Vendors Products
Moodle
  • Moodle
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-67855.

URL Resource
https://access.redhat.com/security/cve/CVE-2025-67855 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2423861 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact