Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Moodle Jsmol - Cross-Site Scripting

By kannthu

Medium
Vidoc logoVidoc Module
#moodle#xss
Description

What is the "Moodle Jsmol - Cross-Site Scripting?" module?

The "Moodle Jsmol - Cross-Site Scripting" module is designed to detect a cross-site scripting vulnerability in Moodle, a popular learning management system. This module focuses specifically on the Jsmol plugin used in Moodle. The severity of this vulnerability is classified as medium.

This module was authored by madrobot.

Impact

A cross-site scripting vulnerability allows attackers to inject malicious scripts into web pages viewed by other users. In the case of Moodle, this vulnerability in the Jsmol plugin could potentially lead to unauthorized access, data theft, or the execution of arbitrary code within the context of the affected user's browser.

How does the module work?

The "Moodle Jsmol - Cross-Site Scripting" module works by sending a specific HTTP request to the vulnerable endpoint in the Jsmol plugin. The request path is /filter/jmol/js/jsmol/php/jsmol.php?call=saveFile&data=<script>alert('XSS')</script>&mimetype=text/html.

The module then applies several matching conditions to determine if the vulnerability is present:

- The HTTP response status must be 200. - The response body must contain the string <script>alert('XSS')</script>. - The response header must include the string text/html.

If all of these conditions are met, the module reports the presence of the cross-site scripting vulnerability in the Jsmol plugin of Moodle.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/filter/jmol/js/jsmo...
Matching conditions
status: 200and
word: <script>alert('XSS')</script>and
word: text/html
Passive global matcher
No matching conditions.
On match action
Report vulnerability