CVE-2025-67849
📋 TL;DR
This cross-site scripting vulnerability in Moodle allows attackers to inject malicious scripts through AI prompt responses. When users view compromised pages, attackers can steal session cookies or manipulate the user interface. All Moodle instances with AI features enabled are potentially affected.
💻 Affected Systems
- Moodle
📦 What is this software?
Moodle by Moodle
⚠️ Risk & Real-World Impact
Worst Case
Attackers steal administrator session cookies, gain full system access, compromise user data, and potentially pivot to other systems.
Likely Case
Attackers steal student or teacher session cookies, access/modify grades, assignments, or personal information, and perform actions as authenticated users.
If Mitigated
Limited to UI manipulation or minor data exposure if proper content security policies and input validation are in place.
🎯 Exploit Status
Exploitation requires ability to submit AI prompts that get displayed to other users. Likely requires some level of authenticated access.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Not yet released
Vendor Advisory: https://access.redhat.com/security/cve/CVE-2025-67849
Restart Required: No
Instructions:
1. Monitor Moodle security advisories for the patch release.
2. Apply the patch when it becomes available.
3. Test in a staging environment before deploying to production.
🔧 Temporary Workarounds
Disable AI Features
Temporarily disable Moodle's AI functionality to prevent exploitation
Navigate to Site administration > Plugins > AI services > Manage AI services and disable all AI providers
Implement Content Security Policy
Add strict CSP headers to prevent script execution from untrusted sources. Note that a script-src containing 'unsafe-inline' still lets injected inline scripts and event-handler attributes execute, so the header below only restricts external script sources; removing 'unsafe-inline' and 'unsafe-eval' from script-src makes the policy effective against this XSS, but Moodle pages that rely on inline scripts may break, so test any tighter policy in staging first.
Add to .htaccess or web server config: Header set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'"
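As an added check (not part of this advisory or of Moodle's code), the following Python audits a Content-Security-Policy value the way a reviewer would, showing why the header above still lets injected inline script run. The hardened header is an assumed example: Moodle's own pages use inline scripts, so it would need nonce or hash allowances and staging tests before use.

```python
# Added example, not part of the advisory or of Moodle: audit a CSP header
# for settings that leave stored/reflected XSS exploitable.

WEAK_CSP = ("default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; "
            "style-src 'self' 'unsafe-inline'")  # header from the workaround above

# Assumed tighter policy; Moodle pages use inline scripts, so in practice
# script-src needs nonce/hash allowances added and testing in staging.
HARDENED_CSP = ("default-src 'self'; script-src 'self'; "
                "style-src 'self' 'unsafe-inline'; object-src 'none'")

NONCE_OR_HASH = ("'nonce-", "'sha256-", "'sha384-", "'sha512-")


def parse_csp(header):
    """Split a Content-Security-Policy value into {directive: [source expressions]}."""
    policy = {}
    for directive in header.split(";"):
        parts = directive.strip().split()
        if parts:
            policy[parts[0].lower()] = parts[1:]
    return policy


def effective_sources(policy, directive):
    """Fetch directives such as script-src/object-src fall back to default-src."""
    return policy.get(directive, policy.get("default-src", []))


def audit_csp(header):
    """Return findings that explain why injected script could still execute."""
    policy = parse_csp(header)
    script = effective_sources(policy, "script-src")
    findings = []
    if not script:
        findings.append("no script-src or default-src: scripts from anywhere are allowed")
    # Per CSP3, 'unsafe-inline' is ignored once a nonce or hash source is present.
    if "'unsafe-inline'" in script and not any(s.startswith(NONCE_OR_HASH) for s in script):
        findings.append("script-src 'unsafe-inline': injected <script> and on* handlers run")
    if "'unsafe-eval'" in script:
        findings.append("script-src 'unsafe-eval': injected strings can reach eval()")
    if "*" in script or "http:" in script or "https:" in script:
        findings.append("script-src permits arbitrary hosts")
    if effective_sources(policy, "object-src") != ["'none'"]:
        findings.append("object-src is not 'none': plugin content can carry script")
    return findings


if __name__ == "__main__":
    for name, header in (("weak", WEAK_CSP), ("hardened", HARDENED_CSP)):
        print(name, audit_csp(header) or ["no findings"])
```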
🧯 If You Can't Patch
- Implement web application firewall rules to block suspicious HTML/script patterns in AI responses
- Enable strict session security settings and implement short session timeouts
🔍 How to Verify
Check if Vulnerable:
Check whether AI features are enabled, and review the code paths that render AI responses to confirm they apply proper output encoding (HTML escaping) before display
Check Version:
Navigate to Site administration > Notifications in Moodle admin panel
Verify Fix Applied:
After applying the patch, confirm that AI prompt responses containing script markup are rendered as escaped text rather than executed in the browser
📡 Detection & Monitoring
Log Indicators:
- Unusual AI prompt submissions containing script tags or JavaScript
- Multiple failed login attempts following AI interactions
Network Indicators:
- Outbound connections to suspicious domains from Moodle server
- Unusual traffic patterns to AI service endpoints
SIEM Query:
source="moodle_logs" AND (message="*<script>*" OR message="*javascript:*") AND message="*AI*"