# Exploit Title: Moodle 3.10.3 - 'url' Persistent Cross Site Scripting# Date: 22/04/2021# Exploit Author: UVision# Vendor Homepage: https://moodle.org/# Software Link: https://download.moodle.org# Version: 3.10.3# Tested on: Debian/Windows 10
By having the role of a teacher or an administrator or a manager (to have the possibility to create a course):- Create a new course (http://localhost/moodle/course/edit.php?category=1&returnto=topcat)- Give any name , short name, date and other things required.- In "Description" field, click on the "link" button
- In the url field, enter the payload :<img src=1 href=1 onerror="javascript:alert(1)"></img>- Create the link, an alert window appears (close it several times so that it disappears), save the course.("Save and return")
Each time the course description is displayed, the stored xss is activated : activate it by viewing the course, by modifying it, etc.
