CVE-2025-62399

Moodle’s mobile and web service authentication endpoints did not sufficiently restrict repeated password attempts, making them susceptible to brute-force attacks.

Published Oct 28, 2025

https://moodle.org/mod/forum/discuss.php?d=470388 https://access.redhat.com/security/cve/CVE-2025-62399 https://github.com/advisories/GHSA-m58f-9pvv-8mp2

CVSS ScoreHigh

7.5

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2025-62399

Moodle’s mobile and web service authentication endpoints did not sufficiently restrict repeated password attempts, making them susceptible to brute-force attacks.

Published Oct 28, 2025

https://moodle.org/mod/forum/discuss.php?d=470388 https://access.redhat.com/security/cve/CVE-2025-62399 https://github.com/advisories/GHSA-m58f-9pvv-8mp2

CVSS ScoreHigh

7.5


composer	moodle/moodle	v2.3.10
composer	moodle/moodle	v2.3.11
composer	moodle/moodle	v2.3.4
composer	moodle/moodle	v2.3.5
composer	moodle/moodle	v2.3.6
composer	moodle/moodle	v2.3.7
composer	moodle/moodle	v2.3.8
composer	moodle/moodle	v2.3.9
composer	moodle/moodle	v2.4.0-rc1
composer	moodle/moodle	v2.4.0
composer	moodle/moodle	v2.4.10
composer	moodle/moodle	v2.4.11
composer	moodle/moodle	v2.4.1
composer	moodle/moodle	v2.4.2
composer	moodle/moodle	v2.4.3
composer	moodle/moodle	v2.4.4
composer	moodle/moodle	v2.4.5
composer	moodle/moodle	v2.4.6
composer	moodle/moodle	v2.4.7
composer	moodle/moodle	v2.4.8
composer	moodle/moodle	v2.4.9
composer	moodle/moodle	v2.5.0-beta
composer	moodle/moodle	v2.5.0-rc1
composer	moodle/moodle	v2.5.0
composer	moodle/moodle	v2.5.1
composer	moodle/moodle	v2.5.2
composer	moodle/moodle	v2.5.3
composer	moodle/moodle	v2.5.4
composer	moodle/moodle	v2.5.5
composer	moodle/moodle	v2.5.6
composer	moodle/moodle	v2.5.7
composer	moodle/moodle	v2.5.8
composer	moodle/moodle	v2.5.9
composer	moodle/moodle	v2.6.0-beta
composer	moodle/moodle	v2.6.0-rc1
composer	moodle/moodle	v2.6.0
composer	moodle/moodle	v2.6.10
composer	moodle/moodle	v2.6.11
composer	moodle/moodle	v2.6.1
composer	moodle/moodle	v2.6.2
composer	moodle/moodle	v2.6.3
composer	moodle/moodle	v2.6.4
composer	moodle/moodle	v2.6.5
composer	moodle/moodle	v2.6.6
composer	moodle/moodle	v2.6.7
composer	moodle/moodle	v2.6.8
composer	moodle/moodle	v2.6.9
composer	moodle/moodle	v2.7.0-beta
composer	moodle/moodle	v2.7.0-rc1
composer	moodle/moodle	v2.7.0-rc2

Ecosystem	Package	Version


composer	moodle/moodle	v2.3.10
composer	moodle/moodle	v2.3.11
composer	moodle/moodle	v2.3.4
composer	moodle/moodle	v2.3.5
composer	moodle/moodle	v2.3.6
composer	moodle/moodle	v2.3.7
composer	moodle/moodle	v2.3.8
composer	moodle/moodle	v2.3.9
composer	moodle/moodle	v2.4.0-rc1
composer	moodle/moodle	v2.4.0
composer	moodle/moodle	v2.4.10
composer	moodle/moodle	v2.4.11
composer	moodle/moodle	v2.4.1
composer	moodle/moodle	v2.4.2
composer	moodle/moodle	v2.4.3
composer	moodle/moodle	v2.4.4
composer	moodle/moodle	v2.4.5
composer	moodle/moodle	v2.4.6
composer	moodle/moodle	v2.4.7
composer	moodle/moodle	v2.4.8
composer	moodle/moodle	v2.4.9
composer	moodle/moodle	v2.5.0-beta
composer	moodle/moodle	v2.5.0-rc1
composer	moodle/moodle	v2.5.0
composer	moodle/moodle	v2.5.1
composer	moodle/moodle	v2.5.2
composer	moodle/moodle	v2.5.3
composer	moodle/moodle	v2.5.4
composer	moodle/moodle	v2.5.5
composer	moodle/moodle	v2.5.6
composer	moodle/moodle	v2.5.7
composer	moodle/moodle	v2.5.8
composer	moodle/moodle	v2.5.9
composer	moodle/moodle	v2.6.0-beta
composer	moodle/moodle	v2.6.0-rc1
composer	moodle/moodle	v2.6.0
composer	moodle/moodle	v2.6.10
composer	moodle/moodle	v2.6.11
composer	moodle/moodle	v2.6.1
composer	moodle/moodle	v2.6.2
composer	moodle/moodle	v2.6.3
composer	moodle/moodle	v2.6.4
composer	moodle/moodle	v2.6.5
composer	moodle/moodle	v2.6.6
composer	moodle/moodle	v2.6.7
composer	moodle/moodle	v2.6.8
composer	moodle/moodle	v2.6.9
composer	moodle/moodle	v2.7.0-beta
composer	moodle/moodle	v2.7.0-rc1
composer	moodle/moodle	v2.7.0-rc2

Find vulnerabilities. Fix fast with AI.

CVE-2025-62399

CVE-2025-62399