Moodle 3.1.3+ Plugin “PoodLL Filter” – Cross-Site Scripting(XSS) #23
Comments
|
Thanks for the report. This has been addressed in later versions of PoodLL (ie the poodll3 branch) . I will fix this up within the week. |
|
Hi,did you fixed this issue? |
|
Hi:
I would like to have you do me a favour, if this vulnerability was
suitable , please help me assign a CVE for it ?
Thanks & Regards
2017-01-10 21:34 GMT+08:00 Justin Hunt <[email protected]>:
… Thanks for the report. This has been addressed in later versions of PoodLL
(ie the poodll3 branch) . I will fix this up within the week.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#23 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AE-GYDl5FQ-yqmvqFuxJ6j0zP_W2apnxks5rQ4jQgaJpZM4LeF18>
.
|
|
I did not even know what a CVE was. Ok. I am sorry that I have not done this yet. But I will. |
|
I really appreciate your help.By the way, today is Chinese new year, happy
New Year !
Sincerely
2017-01-27 15:18 GMT+08:00 Justin Hunt <[email protected]>:
… I did not even know what a CVE was. Ok. I am sorry that I have not done
this yet. But I will.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#23 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AE-GYFmpUpGRn-S0adCaAyN9SD3Z50wuks5rWZphgaJpZM4LeF18>
.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello:
Moodle 3.1.3+ Plugin “PoodLL Filter” – Cross-Site Scripting(XSS)
Procuct: Moodle plugin “PoodLL Filter”
Download url: https://moodle.org/plugins/filter_poodll
Vunlerable Version: 3.0.20 and probably prior
Tested Version: 3.0.20
Author: ADLab of Venustech
Advisory Details:
I have discovered a Cross-Site Scripting (XSS) in Moodle plugin “PoodLL Filter”, which can be exploited to add,modify or delete information in application`s database and gain complete control over the application.
The vulnerability exists due to insufficientfiltration of user-supplied data in “poodll_audio_url” HTTP GET parameter passed to “filter_poodll_moodle32_2016112802/poodll/mp3recorderskins/brazil/index.php” url. An attacker could execute arbitrary HTML and script code in browser in context of the vulnerable website.
The exploitation examples below uses the "alert()" JavaScript function to see a pop-up messagebox:
POC:
http://localhost/moodleplugins/filter_poodll_moodle32_2016112802/poodll/mp3recorderskins/brazil/index.php?poodll_audio_url=%22%27});%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E#%22
The text was updated successfully, but these errors were encountered: