CVE-2025-3628 is a vulnerability identified in Moodle version 4.5.0, a widely used open-source learning management system (LMS). The flaw allows an attacker with limited privileges (but not full administrative rights) to leverage the search functionality to de-anonymize assignment submissions that were intended to be anonymous. This means that student identities, which should remain confidential during anonymous grading processes, can be revealed to unauthorized actors. The vulnerability affects the confidentiality of sensitive student information but does not impact the integrity or availability of the system. The attack vector is network-based (AV:N), requiring no user interaction (UI:N), and the scope remains unchanged (S:U). The vulnerability is rated medium severity with a CVSS score of 4.3, reflecting the limited scope and privilege requirements. No public exploits have been reported yet, but the risk to student privacy is significant, especially in educational institutions relying on Moodle for anonymous assessments. The vulnerability underscores the importance of properly securing LMS features that handle sensitive data and ensuring that permission models prevent unauthorized access to anonymized content. Since Moodle is widely adopted globally, particularly in higher education and K-12 sectors, this vulnerability has broad implications for protecting student privacy.

The primary impact of CVE-2025-3628 is the exposure of sensitive student identity information that was intended to remain anonymous during assignment submissions. This breach of confidentiality can lead to privacy violations, loss of trust in educational institutions, and potential legal consequences under data protection regulations such as GDPR or FERPA. Although the vulnerability does not affect system integrity or availability, the unauthorized disclosure of student identities can undermine the fairness of anonymous grading processes and damage institutional reputations. Educational organizations worldwide using Moodle 4.5.0 are at risk, particularly those with large student populations and strict privacy requirements. The requirement for some level of privileges to exploit the flaw limits the attack surface but does not eliminate the risk, especially if internal accounts are compromised or misused. The absence of known exploits in the wild provides a window for remediation, but the potential for targeted attacks remains.

1. Apply official patches or updates from Moodle as soon as they are released to address CVE-2025-3628. 2. Until patches are available, restrict search functionality permissions to trusted roles only, minimizing exposure to unauthorized actors. 3. Review and tighten role-based access controls (RBAC) to ensure that only necessary users have privileges that could exploit this vulnerability. 4. Audit assignment submission settings to verify that anonymous grading features are properly configured and that no unintended information leakage occurs. 5. Monitor Moodle logs for unusual search activity or access patterns that could indicate attempts to exploit this vulnerability. 6. Educate staff and administrators about the risks of this vulnerability and the importance of safeguarding student anonymity. 7. Consider implementing additional data masking or anonymization layers if feasible to reduce the risk of identity exposure. 8. Maintain an incident response plan focused on data privacy breaches to quickly address any exploitation attempts.