Welcome to

色豹随心笔记

首页 / XSS / Cross-site scripting vulnerability in moodle 3.2

Cross-site scripting vulnerability in moodle 3.2

There is a xss vulnerability in moodle 3.2 latest

In admin page Add a new course ,Course summary filter have xss vulnerability

payload :

<svg onload="alert('Coursesummary')"></svg>

couusexss.png

save and display  when we viste the main page there is a xss alert box


coursexss1.jpg



本文暂无评论

发表评论

您的电子邮件地址不会被发布。

>> <<