Cross-Site Scripting (XSS) in MOODLE 3.10.9
Vulnerability Description: Cross-Site Scripting (XSS) in MOODLE 3.10.9
Affected Product: MOODLE
Affected Version(s): 3.10.9 (Versions prior to 3.11.4 might also be affected)
CVE ID: Not assigned (hypothetical)
Description:
A Cross-Site Scripting (XSS) vulnerability exists in the way MOODLE version 3.10.9 handles user input within the "GET /?lang=" URL parameter. This parameter is likely used to specify the user's preferred language for the MOODLE interface.
An attacker could potentially craft a malicious URL containing a specially crafted script that is executed by the user's browser when they access the link. This script could then perform various malicious actions within the user's browser context, depending on the attacker's intent.
Potential Impacts:
Stealing Session Cookies: An attacker could steal the user's session cookie, allowing them to impersonate the user and gain access to their MOODLE account and potentially sensitive information.
Modifying User Data: The attacker could inject malicious scripts that modify the user's data within MOODLE, such as changing grades or assignments.
Defacing the Web Interface: The attacker could inject scripts that deface the MOODLE web interface, displaying misleading information or propaganda.
Launching Phishing Attacks: The attacker could redirect the user to a phishing website designed to steal their login credentials for other services.
Exploitation POC:
The Payload - https://postimg.cc/ykv9WXmH
The outcome - https://postimg.cc/87Gp8qJk
Remediation:
Implement server-side input validation to sanitize all user-provided input within the "lang" parameter before processing it. This ensures that any malicious scripts are properly escaped and rendered harmless.
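The remediation above (allowlist validation of the `lang` value before it is reflected into the page) as an added illustration, not code from Moodle or from the gist author; a Python stand-in for the PHP handler, with a constructed set of installed language packs and a constructed language-code pattern as assumptions:

```python
import html
import re
from typing import Optional

# Constructed stand-in for the language packs installed on a site (assumption).
INSTALLED_LANGS = {"en", "en_us", "de", "fr", "es_mx"}

# Assumed shape of a language code: 2-3 lowercase letters, optional _region suffix.
LANG_CODE_RE = re.compile(r"^[a-z]{2,3}(_[a-z0-9]{2,8})?$")


def render_unsafe(lang: str) -> str:
    """Vulnerable pattern: the raw query value lands inside an HTML attribute."""
    return f'<html lang="{lang}"><body>...</body></html>'


def is_suspicious(raw: Optional[str]) -> bool:
    """Detection hook: True when the value does not even look like a language code.
    A site can log or alert on these requests instead of silently falling back."""
    return raw is not None and LANG_CODE_RE.fullmatch(raw.strip().lower()) is None


def validate_lang(raw: Optional[str], default: str = "en") -> str:
    """Allowlist check: shape first, then membership; otherwise the site default."""
    if raw is None:
        return default
    candidate = raw.strip().lower()
    if not LANG_CODE_RE.fullmatch(candidate):
        return default
    if candidate not in INSTALLED_LANGS:
        return default
    return candidate


def render_safe(raw: Optional[str]) -> str:
    """Hardened form: validated value, then attribute-encoded as defense in depth."""
    lang = validate_lang(raw)
    return f'<html lang="{html.escape(lang, quote=True)}"><body>...</body></html>'


if __name__ == "__main__":
    probe = 'en"><b>injected</b>'  # constructed non-malicious probe value
    print("unsafe :", render_unsafe(probe))
    print("safe   :", render_safe(probe))
    print("flagged:", is_suspicious(probe))
```

Because the allowlist check rejects anything that is not an installed language code, output encoding only guards against a future code path that reflects the value somewhere the allowlist is bypassed.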

pwnmeow commented Apr 18, 2024

Adding the images here so that if postimg.cc deletes them, this will still be useful.

The Payload - https://postimg.cc/ykv9WXmH

The outcome - https://postimg.cc/87Gp8qJk
