Moodle version 3.10.3 suffers from a persistent cross site scripting vulnerability. Original discovery of persistent cross site scripting in this version is attributed to Vincent666 ibn Winnie in March of 2021.
1fcd1fa3ec121b2c10c68e0cb6e78bbc8b44e1d20dc9503759b2beb14529f62f# Exploit Title: Moodle 3.10.3 - 'url' Persistent Cross Site Scripting
# Date: 22/04/2021
# Exploit Author: UVision
# Vendor Homepage: https://moodle.org/
# Software Link: https://download.moodle.org
# Version: 3.10.3
# Tested on: Debian/Windows 10
By having the role of a teacher or an administrator or a manager (to have the possibility to create a course):
- Create a new course (http://localhost/moodle/course/edit.php?category=1&returnto=topcat)
- Give any name , short name, date and other things required.
- In "Description" field, click on the "link" button
- In the url field, enter the payload : <img src=1 href=1 onerror="javascript:alert(1)"></img>
- Create the link, an alert window appears (close it several times so that it disappears) , save the course. ("Save and return")
Each time the course description is displayed, the stored xss is activated : activate it by viewing the course, by modifying it, etc.
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed