Moodle vulnerable to stored Cross-site Scripting

2023-05-1621:30:23

Google

osv.dev

moodle 3.10.1

cross-site scripting

input sanitization

admin cookies

user account cookies

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

29.1%

JSON

Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to the improper input sanitization on the “Additional HTML Section” via “Header and Footer” parameter in /admin/settings.php. This vulnerability may lead an attacker to steal admin and all user account cookies by storing the malicious XSS payload in Header and Footer.

CPENameOperatorVersion
moodle/moodleeq3.0.7
moodle/moodleeq3.9.0
moodle/moodleeq3.9.0-rc2
moodle/moodleeq3.9.7
moodle/moodleeq3.10.0-rc1
moodle/moodleeq3.10.1
moodle/moodleeq3.3.1
moodle/moodleeq3.0.10
moodle/moodleeq3.5.3
moodle/moodleeq2.6.9

Name	Operator	Version
moodle/moodle	eq	3.0.7
moodle/moodle	eq	3.9.0
moodle/moodle	eq	3.9.0-rc2
moodle/moodle	eq	3.9.7
moodle/moodle	eq	3.10.0-rc1
moodle/moodle	eq	3.10.1
moodle/moodle	eq	3.3.1
moodle/moodle	eq	3.0.10
moodle/moodle	eq	3.5.3
moodle/moodle	eq	2.6.9