CVE-2025-3638 – Moodle CSRF in Brickfield Tool

April 25, 2025

CVE ID : CVE-2025-3638

Published : April 25, 2025, 3:15 p.m. | 4 hours, 29 minutes ago

Description : A flaw was found in Moodle. The analysis request action in the Brickfield tool did not include the necessary token to prevent a Cross-site request forgery (CSRF) risk.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3637 – Moodle CSRF Information Disclosure

Next Article CVE-2025-32432 (CVSS 10): Craft CMS Hit by Critical RCE Flaw Exploited in the Wild

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

Minecraft Vibrant Visuals finally has a release date and it’s dropping with the Happy Ghasts

QAQ-QQ-AI-QUEST

QAQ-QQ-AI-QUEST

JS Dark Arts: Abusing prototypes and the Result type

Helpful Git Aliases To Maximize Developer Productivity

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

CVE-2025-3638 – Moodle CSRF in Brickfield Tool

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

Paragon Spyware used to Spy on European Journalists

Master Image Processing in Node.js Using Sharp for Fast Web Apps

Ninja Gaiden 4 is bloody, stylish, and pure fun — I cannot wait for the full release of this Xbox, Team Ninja, and PlatinumGames team-up

CVE-2025-47858 – Apache HTTP Server Cross-Site Request Forgery

Trusted Smart Interactive Whiteboard Dealer in Delhi for Education

CVE-2025-44998 – TinyFileManager Stored XSS

The biggest unanswered questions about Xbox’s next-gen consoles

CVE-2025-4632 – Samsung MagicINFO 9 Server Path Traversal Write Arbitrary File Vulnerability

Microsoft’s Surface Pro 12-inch is a massive upgrade over the Surface Go 4 — Here’s how this performance leap breaks down

CVE-2025-3638 – Moodle CSRF in Brickfield Tool

Related Posts