CVE-2025-67850
Moodle: moodle: cross-site scripting vulnerability via inadequate input filtering in formula editor
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.3EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
03 Feb 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting (XSS), occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject malicious code into these fields. When other users view these expressions, the malicious code would execute in their web browsers, potentially compromising their data or leading to unauthorized actions.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
Affected products
moodleWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →