CVE-2021-27131

CVE-2021-27131

Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to the improper input sanitization on the "Additional HTML Section" via "Header and Footer" parameter in /admin/settings.php. This vulnerability is leading an attacker to steal admin and all user account cookies by storing the malicious XSS payload in Header and Footer.

Source: CVE-2021-27131

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다