Headline
CVE-2021-27131: CVEs-Assigned/Moodle-3.10.1-CVE-2021-27131.md at master · p4nk4jv/CVEs-Assigned
Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to the improper input sanitization on the “Additional HTML Section” via “Header and Footer” parameter in /admin/settings.php. This vulnerability is leading an attacker to steal admin and all user account cookies by storing the malicious XSS payload in Header and Footer.
Moodle 3.10.1 - Persistent/Stored Cross-Site Scripting (XSS)****Persistent/Stored Cross-Site Scripting (XSS) Vulnerabilities found in Moodle 3.10.1 version.
Description:-
Moodle 3.10.1 is vulnerable to Stored Cross-Site Scripting (XSS) due to the improper input sanitization on the “Additional HTML Section” of the /admin/settings.php page. This vulnerability could allow an attacker to inject malicious JavaScript code into the “Header” & “Footer” fields and perform Stored Cross-Site Scripting (XSS) attack into the application.
Steps To Reproduce:-
- Navigate to the http://127.0.0.1/ and login with Admin credentials.
- Now, navigate to the Site Administration>Appearance>Additional HTML section.
- Insert the following JavaScript Payload <script>alert(document.cookie)</script> into the Header and Footer fields and save the settings.
- Observe the Payload getting executed on all pages of the application.
Reference: CVE-2021-27131
Related news
Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to the improper input sanitization on the "Additional HTML Section" via "Header and Footer" parameter in `/admin/settings.php`. This vulnerability may lead an attacker to steal admin and all user account cookies by storing the malicious XSS payload in Header and Footer.