CVE-2025-67852 – Moodle: moodle: open redirect vulnerability in oauth login flow allows redirection to malicious sites.

CVE ID : CVE-2025-67852

Published : Feb. 3, 2026, 10:52 a.m. | 25 minutes ago

Description : A flaw was found in Moodle. An open redirect vulnerability in the OAuth login flow allows a remote attacker to redirect users to attacker-controlled pages after they have successfully authenticated. This occurs due to insufficient validation of redirect parameters, which could lead to phishing attacks or information disclosure.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…