CVE-2025-62398

MEDIUM 5.4

Moodle: possible to bypass mfa

CVSS Score

5.4

EPSS Score

0.0%

EPSS Percentile

0th

A serious authentication flaw allowed attackers with valid credentials to bypass multi-factor authentication under certain conditions, potentially compromising user accounts.

CWE	CWE-287
Published	Oct 23, 2025
Last Updated	Oct 24, 2025

Stay Ahead of the Next One

Get instant alerts for

Be the first to know when new medium vulnerabilities are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

References

NVD ↗ CVE.org ↗ EPSS Data ↗

access.redhat.com: https://access.redhat.com/security/cve/CVE-2025-62398 bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2404431

Credits

Red Hat would like to thank Petr Skoda for reporting this issue.