CVE-2025-62398

CVE-2025-62398: Moodle: possible to bypass mfa

Weakness CWE-287 · Improper authentication
Published October 23, 2025
Last update October 24, 2025

CVSS base score

What the vulnerability does

01Description

A serious authentication flaw allowed attackers with valid credentials to bypass multi-factor authentication under certain conditions, potentially compromising user accounts.

Key dates

02Disclosure timeline

October 23, 2025 CVE published
October 24, 2025 Record updated