
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2025-3637 is a security vulnerability discovered in Moodle's mod_data module where confidential information used to prevent cross-site request forgery (CSRF) attacks was exposed publicly through the site's URL. The vulnerability specifically affects the edit and delete pages within the mod_data module, impacting multiple versions including 4.5 to 4.5.3, 4.4 to 4.4.7, 4.3 to 4.3.11, 4.1 to 4.1.17 and earlier supported versions (Wiz Database, Bugzilla).
The vulnerability is classified as CWE-598 (Use of GET Request Method With Sensitive Query Strings) and has been assigned a CVSS v3.1 base score of 3.1 (LOW) with the vector string CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N. The technical issue involves the exposure of CSRF tokens in the URL parameters of specific pages within the mod_data module (NVD).
Exposing CSRF tokens in URLs could allow attackers to bypass CSRF protection mechanisms, though exploitation requires high complexity, as indicated by the CVSS vector (AC:H). The vulnerability primarily affects the confidentiality of the system, with no direct impact on integrity or availability (Wiz Database).
The vulnerability has been fixed in Moodle versions 4.5.4, 4.4.8, 4.3.12, and 4.1.18. Users are advised to upgrade to these patched versions to address the security issue (Bugzilla).
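As an added example (not part of the advisory or of Moodle's code), the following Python code scans web server access logs for the CWE-598 pattern described above: a CSRF token carried in the query string of mod_data pages, either in the request URL or in a logged Referer header. It assumes Moodle's token parameter is named `sesskey`, that the module is served under `/mod/data/`, and that logs use the combined log format; the sample log lines, paths and token values are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumptions (not from the advisory): Moodle's CSRF token travels in the
# "sesskey" parameter and mod_data pages are served under /mod/data/.
TOKEN_PARAM = "sesskey"
MODULE_PREFIX = "/mod/data/"

# Combined log format: host ident user [time] "METHOD target PROTO" status size "referer" ...
LINE_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
    r'(?: "(?P<referer>[^"]*)")?'
)

def leaks_token(url):
    """True if url is a mod_data page carrying the token in its query string."""
    parts = urlsplit(url)
    return MODULE_PREFIX in parts.path and TOKEN_PARAM in parse_qs(parts.query, keep_blank_values=True)

def redact(url):
    """Replace the token value so findings can be shared without re-leaking it."""
    return re.sub(r'(?<=[?&]' + TOKEN_PARAM + r'=)[^&#\s"]*', "REDACTED", url)

def find_token_exposures(lines):
    """Return (time, kind, redacted_url) for each log line exposing the token."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        if m["method"] == "GET" and leaks_token(m["target"]):
            findings.append((m["time"], "request-url", redact(m["target"])))
        referer = m["referer"] or ""
        if leaks_token(referer):  # token also leaks onward via the Referer header
            findings.append((m["time"], "referer", redact(referer)))
    return findings

# Constructed sample lines (not real traffic); paths and token values are made up.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Apr/2025:10:00:01 +0000] "GET /mod/data/edit.php?d=3&rid=7&sesskey=AbC123xYz0 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Apr/2025:10:00:09 +0000] "GET /theme/image.php/boost/core/1/t/edit HTTP/1.1" 200 410 "https://moodle.example/mod/data/view.php?d=3&delete=7&sesskey=AbC123xYz0" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Apr/2025:10:01:00 +0000] "POST /mod/data/edit.php HTTP/1.1" 303 0 "https://moodle.example/mod/data/edit.php?d=3" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Apr/2025:10:02:00 +0000] "GET /mod/forum/view.php?id=4 HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in find_token_exposures(SAMPLE_LOG):
        print(*finding, sep="  ")
```

Hits on an unpatched instance indicate tokens already written to logs, proxies or browser history; after upgrading to a fixed version the scan over new traffic should come back empty.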
Source: This report was generated using AI