CVE-2025-3635 – Moodle CSRF Tour Duplicating Vulnerability

April 25, 2025

CVE ID : CVE-2025-3635

Published : April 25, 2025, 3:15 p.m. | 3 hours, 46 minutes ago

Description : A security vulnerability was discovered in Moodle that allows anyone to duplicate existing tours without needing to log in due to a lack of protection against cross-site request forgery (CSRF) attacks.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3628 – Moodle Anonymous Assignment De-Anonymization Vulnerability

Next Article CVE-2025-3637 – Moodle CSRF Information Disclosure

Highlights

CVE-2025-24271 – Apple AirPlay Unauthenticated Access Vulnerability

April 29, 2025

CVE ID : CVE-2025-24271

Published : April 29, 2025, 3:15 a.m. | 3 hours, 40 minutes ago

Description : An access issue was addressed with improved access restrictions. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An unauthenticated user on the same network as a signed-in Mac could send it AirPlay commands without pairing.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Microsoft has closed its “Experience Center” store in Sydney, Australia — as it ramps up a continued digital growth campaign

Bing Search APIs to be “decommissioned completely” as Microsoft urges developers to use its Azure agentic AI alternative

Microsoft might kill the Surface Laptop Studio as production is quietly halted

Minecraft licensing robbed us of this controversial NFL schedule release video

The power of generators

The power of generators

Simplify Factory Associations with Laravel’s UseFactory Attribute

This Week in Laravel: React Native, PhpStorm Junie, and more

Microsoft has closed its “Experience Center” store in Sydney, Australia — as it ramps up a continued digital growth campaign

Microsoft has closed its “Experience Center” store in Sydney, Australia — as it ramps up a continued digital growth campaign

Bing Search APIs to be “decommissioned completely” as Microsoft urges developers to use its Azure agentic AI alternative

Microsoft might kill the Surface Laptop Studio as production is quietly halted

CVE-2025-3635 – Moodle CSRF Tour Duplicating Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-4610 – WordPress WP-Members Membership Plugin Stored Cross-Site Scripting Vulnerability

Code generation using Code Llama 70B and Mixtral 8x7B on Amazon SageMaker

Vesta – Hosting Control Panel

API with NestJS #177. Response serialization with the Drizzle ORM

Critical Mozilla Vulnerabilities Prompt Urgent Updates for Firefox and Thunderbird Users

CVE-2025-24271 – Apple AirPlay Unauthenticated Access Vulnerability

Sand Price in Hyderabad Today

North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages

Securing the Future: Best Practices for Data Privacy in AI Projects🔐

CVE-2025-3635 – Moodle CSRF Tour Duplicating Vulnerability

Related Posts