Moodle URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2025-67852 - Vulnerability Database

Moodle URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2025-67852

Medium

Reference: CVE-2025-67852

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2025-67852

Title: Moodle URL Redirection to Untrusted Site (Open Redirect) Vulnerability

Overview:

A flaw was found in Moodle. An open redirect vulnerability in the OAuth login flow allows a remote attacker to redirect users to attacker-controlled pages after they have successfully authenticated. This occurs due to insufficient validation of redirect parameters which could lead to phishing attacks or information disclosure.