CVE-2025-60511
📋 TL;DR
The Moodle OpenAI Chat Block plugin has an Insecure Direct Object Reference vulnerability that allows authenticated students to impersonate other users' chat blocks. This enables unauthorized access to administrator-only configurations and potential misuse of OpenAI API resources. All Moodle installations using the vulnerable plugin version are affected.
💻 Affected Systems
- Moodle OpenAI Chat Block plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Students access administrator-only Source of Truth entries, alter AI model behavior, misuse API resources leading to financial costs, and potentially expose sensitive institutional information.
Likely Case
Students impersonate other users' blocks to send queries with different configurations, potentially accessing restricted information or altering chat behavior.
If Mitigated
With proper access controls and monitoring, impact is limited to unauthorized query execution without data exfiltration or system compromise.
🎯 Exploit Status
Proof of concept available in public disclosure. Requires authenticated student account and knowledge of target block IDs.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Version after 3.0.1 (2025021700)
Vendor Advisory: https://github.com/onurcangnc/moodle_block_openai_chat
Restart Required: No
Instructions:
1. Update the Moodle OpenAI Chat Block plugin to the latest version.
2. Remove or disable version 3.0.1 (2025021700).
3. Verify that proper access controls are implemented in completion.php.
🔧 Temporary Workarounds
Disable vulnerable endpoint
Temporarily disable the /blocks/openai_chat/api/completion.php endpoint:
mv /path/to/moodle/blocks/openai_chat/api/completion.php /path/to/moodle/blocks/openai_chat/api/completion.php.disabled
Implement additional access controls
Add session validation and user permission checks in completion.php:
Edit completion.php to validate the requesting user's permissions on the referenced block instance before processing the blockId parameter.
🧯 If You Can't Patch
- Restrict student access to OpenAI Chat Block functionality
- Implement network-level monitoring for unusual API calls to OpenAI services
🔍 How to Verify
Check if Vulnerable:
Check plugin version in Moodle admin panel or examine /blocks/openai_chat/version.php for version 2025021700
Check Version:
grep -r "plugin->version" /path/to/moodle/blocks/openai_chat/version.php
Verify Fix Applied:
Verify plugin version is updated beyond 2025021700 and test that students cannot access other users' block configurations
📡 Detection & Monitoring
Log Indicators:
- Unusual blockId parameter values in completion.php requests
- Student accounts accessing administrator-configured blocks
- Multiple block IDs from single user session
Network Indicators:
- Unusual OpenAI API call patterns from student accounts
- Requests to completion.php with block IDs that are sequential or do not belong to the requesting user
SIEM Query:
source="moodle_logs" AND uri="/blocks/openai_chat/api/completion.php" AND user_role="student" AND blockId!="user_block"
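As an added example, not taken from the advisory or the plugin, the log indicators above expressed as a small Python detector run over constructed Moodle-style access log lines; the key=value log format, the field names and the set of administrator-configured block ids are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in an assumed "key=value" access-log format, not real Moodle logs.
SAMPLE_LOGS = """\
2025-10-01T09:00:01Z user=student42 role=student sid=s1 POST /blocks/openai_chat/api/completion.php blockId=17
2025-10-01T09:00:05Z user=student42 role=student sid=s1 POST /blocks/openai_chat/api/completion.php blockId=18
2025-10-01T09:00:09Z user=student42 role=student sid=s1 POST /blocks/openai_chat/api/completion.php blockId=19
2025-10-01T09:01:00Z user=teacher7 role=editingteacher sid=s2 POST /blocks/openai_chat/api/completion.php blockId=5
2025-10-01T09:02:00Z user=student99 role=student sid=s3 POST /blocks/openai_chat/api/completion.php blockId=21
2025-10-01T09:02:30Z user=student99 role=student sid=s3 POST /blocks/openai_chat/api/completion.php blockId=5
"""
# Assumed: block instance 5 was configured by an administrator; students should never query it.
ADMIN_BLOCKS = {5}
COMPLETION_URI = "/blocks/openai_chat/api/completion.php"
LINE_RE = re.compile(r"^(?P<ts>\S+) user=(?P<user>\S+) role=(?P<role>\S+) sid=(?P<sid>\S+) "
                     r"\S+ (?P<uri>\S+) blockId=(?P<block>\d+)$")

def parse(lines):
    """Yield parsed completion.php requests; lines in other formats or for other URIs are skipped."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m and m.group("uri") == COMPLETION_URI:
            rec = m.groupdict()
            rec["block"] = int(rec["block"])
            yield rec

def detect(lines, admin_blocks=ADMIN_BLOCKS):
    """Return sorted (rule, user, detail) findings for the three log indicators."""
    findings = set()
    per_session = defaultdict(list)  # (user, session id) -> block ids in request order
    for rec in parse(lines):
        if rec["role"] != "student":
            continue  # the advisory's indicators concern student accounts only
        if rec["block"] in admin_blocks:
            findings.add(("admin_block_access", rec["user"], rec["block"]))
        per_session[(rec["user"], rec["sid"])].append(rec["block"])
    for (user, _sid), blocks in per_session.items():
        distinct = tuple(sorted(set(blocks)))
        if len(distinct) > 1:
            findings.add(("multiple_blocks_in_session", user, distinct))
        # three consecutive requests with ids increasing by one look like block-id enumeration
        for i in range(len(blocks) - 2):
            if blocks[i + 1] == blocks[i] + 1 and blocks[i + 2] == blocks[i + 1] + 1:
                findings.add(("sequential_block_ids", user, tuple(blocks[i:i + 3])))
                break
    return sorted(findings)

if __name__ == "__main__":
    for finding in detect(SAMPLE_LOGS.splitlines()):
        print(*finding)
```

The teacher request to block 5 produces no finding, while the two student sessions trigger all three rules between them.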