Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-3642) - Vulnerability Database

Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-3642)

Description

A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS EQUELLA repository. By default, this was only available to teachers and managers on sites with the EQUELLA repository enabled.

References

CVE-2025-3642

Related Vulnerabilities

Severity

High

Classification