CVE-2025-3638: 
PHP vulnerability analysis and mitigation

A Cross-site Request Forgery (CSRF) vulnerability was discovered in Moodle's Brickfield tool (CVE-2025-3638). The analysis request action in the Brickfield tool failed to include the necessary security token, exposing the system to CSRF attacks. This vulnerability affects Moodle versions 4.5 to 4.5.3, 4.4 to 4.4.7, 4.3 to 4.3.11, 4.1 to 4.1.17, and earlier unsupported versions (NVD, Red Hat CVE).

The vulnerability is classified as CWE-352 (Cross-Site Request Forgery) and has received a CVSS v3.1 base score of 8.8 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. This indicates that the vulnerability can be exploited remotely, requires low attack complexity, needs no privileges, but does require user interaction (NVD).

If successfully exploited, this CSRF vulnerability could allow attackers to perform unauthorized actions in the context of authenticated users of the Moodle platform, potentially leading to high impacts on confidentiality, integrity, and availability of the system (NVD).

The vulnerability has been fixed in Moodle versions 4.5.4, 4.4.8, 4.3.12, and 4.1.18. Users are advised to upgrade to these patched versions to mitigate the risk (Red Hat Bugzilla).