cvelistv5 - cve-2021-27131

URL	Tags
cve@mitre.org	https://docs.moodle.org/402/en/Risks
cve@mitre.org	https://github.com/moodle/moodle	Product
cve@mitre.org	https://github.com/p4nk4jv/CVEs-Assigned/blob/master/Moodle-3.10.1-CVE-2021-27131.md	Exploit

▼	Vendor	Product
	n/a	n/a

wid-sec-w-2023-1224

Vulnerability from csaf_certbund

Published

2023-05-16 22:00

Modified

2023-05-18 22:00

Summary

Moodle: Schwachstelle ermöglicht Cross-Site Scripting

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Moodle ist ein Software-Paket, um internetbasierte Kurse zu entwickeln und durchzuführen. Es ist ein globales Softwareentwicklungsprojekt, das einen konstruktivistischen Lehr- und Lernansatz unterstützt.

Angriff

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Moodle ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen.

Betroffene Betriebssysteme

- Linux - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Moodle ist ein Software-Paket, um internetbasierte Kurse zu entwickeln und durchzuf\u00fchren. Es ist ein globales Softwareentwicklungsprojekt, das einen konstruktivistischen Lehr- und Lernansatz unterst\u00fctzt.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Moodle ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-1224 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1224.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-1224 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1224"
      },
      {
        "category": "external",
        "summary": "Red Hat Bug-Tracker 2207982 vom 2023-05-17",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207982"
      },
      {
        "category": "external",
        "summary": "Github Security Advisory vom 2023-05-16",
        "url": "https://github.com/advisories/GHSA-w2pm-fr62-jgv4"
      }
    ],
    "source_lang": "en-US",
    "title": "Moodle: Schwachstelle erm\u00f6glicht Cross-Site Scripting",
    "tracking": {
      "current_release_date": "2023-05-18T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:50:55.993+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-1224",
      "initial_release_date": "2023-05-16T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-05-16T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2023-05-18T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Moodle 3.10.1",
            "product": {
              "name": "Open Source Moodle 3.10.1",
              "product_id": "T027749",
              "product_identification_helper": {
                "cpe": "cpe:/a:open_source:moodle:3.10.1"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-27131",
      "notes": [
        {
          "category": "description",
          "text": "In Moodle existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden Parameter in \"/admin/settings.php\" nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027749"
        ]
      },
      "release_date": "2023-05-16T22:00:00.000+00:00",
      "title": "CVE-2021-27131"
    }
  ]
}

gsd-2021-27131

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

** DISPUTED ** Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to the improper input sanitization on the "Additional HTML Section" via "Header and Footer" parameter in /admin/settings.php. This vulnerability is leading an attacker to steal admin and all user account cookies by storing the malicious XSS payload in Header and Footer. NOTE: this is disputed by the vendor because the "Additional HTML Section" for "Header and Footer" can only be supplied by an administrator, who is intentionally allowed to enter unsanitized input (e.g., site-specific JavaScript).

Aliases

CVE-2021-27131

Aliases

CVE-2021-27131

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-27131",
    "id": "GSD-2021-27131"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-27131"
      ],
      "details": "** DISPUTED ** Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to the improper input sanitization on the \"Additional HTML Section\" via \"Header and Footer\" parameter in /admin/settings.php. This vulnerability is leading an attacker to steal admin and all user account cookies by storing the malicious XSS payload in Header and Footer. NOTE: this is disputed by the vendor because the \"Additional HTML Section\" for \"Header and Footer\" can only be supplied by an administrator, who is intentionally allowed to enter unsanitized input (e.g., site-specific JavaScript).",
      "id": "GSD-2021-27131",
      "modified": "2023-12-13T01:23:36.020675Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2021-27131",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** DISPUTED ** Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to the improper input sanitization on the \"Additional HTML Section\" via \"Header and Footer\" parameter in /admin/settings.php. This vulnerability is leading an attacker to steal admin and all user account cookies by storing the malicious XSS payload in Header and Footer. NOTE: this is disputed by the vendor because the \"Additional HTML Section\" for \"Header and Footer\" can only be supplied by an administrator, who is intentionally allowed to enter unsanitized input (e.g., site-specific JavaScript)."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/moodle/moodle",
            "refsource": "MISC",
            "url": "https://github.com/moodle/moodle"
          },
          {
            "name": "https://github.com/p4nk4jv/CVEs-Assigned/blob/master/Moodle-3.10.1-CVE-2021-27131.md",
            "refsource": "MISC",
            "url": "https://github.com/p4nk4jv/CVEs-Assigned/blob/master/Moodle-3.10.1-CVE-2021-27131.md"
          },
          {
            "name": "https://docs.moodle.org/402/en/Risks",
            "refsource": "MISC",
            "url": "https://docs.moodle.org/402/en/Risks"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "=3.10.1",
          "affected_versions": "Version 3.10.1",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-79",
            "CWE-937"
          ],
          "date": "2023-05-25",
          "description": "Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to the improper input sanitization on the \"Additional HTML Section\" via \"Header and Footer\" parameter in /admin/settings.php. This vulnerability is leading an attacker to steal admin and all user account cookies by storing the malicious XSS payload in Header and Footer.",
          "fixed_versions": [
            "3.10.2"
          ],
          "identifier": "CVE-2021-27131",
          "identifiers": [
            "CVE-2021-27131",
            "GHSA-w2pm-fr62-jgv4"
          ],
          "not_impacted": "All versions before 3.10.1, all versions after 3.10.1",
          "package_slug": "packagist/moodle/moodle",
          "pubdate": "2023-05-16",
          "solution": "Upgrade to version 3.10.2 or above.",
          "title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-27131",
            "https://github.com/moodle/moodle",
            "https://github.com/p4nk4jv/CVEs-Assigned/blob/master/Moodle-3.10.1-CVE-2021-27131.md",
            "https://github.com/advisories/GHSA-w2pm-fr62-jgv4"
          ],
          "uuid": "75b6c789-67ff-4fba-bcd0-60e8eec717c6"
        }
      ]
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:moodle:moodle:3.10.1:*:*:*:*:*:*:*",
                    "matchCriteriaId": "8DE1A209-128A-4D30-845C-298A3EEB93FF",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to the improper input sanitization on the \"Additional HTML Section\" via \"Header and Footer\" parameter in /admin/settings.php. This vulnerability is leading an attacker to steal admin and all user account cookies by storing the malicious XSS payload in Header and Footer. NOTE: this is disputed by the vendor because the \"Additional HTML Section\" for \"Header and Footer\" can only be supplied by an administrator, who is intentionally allowed to enter unsanitized input (e.g., site-specific JavaScript)."
          }
        ],
        "id": "CVE-2021-27131",
        "lastModified": "2024-04-11T01:10:53.360",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 2.3,
              "impactScore": 2.7,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2023-05-16T20:15:08.987",
        "references": [
          {
            "source": "cve@mitre.org",
            "url": "https://docs.moodle.org/402/en/Risks"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Product"
            ],
            "url": "https://github.com/moodle/moodle"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Exploit"
            ],
            "url": "https://github.com/p4nk4jv/CVEs-Assigned/blob/master/Moodle-3.10.1-CVE-2021-27131.md"
          }
        ],
        "sourceIdentifier": "cve@mitre.org",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-79"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

ghsa-w2pm-fr62-jgv4

Vulnerability from github

Published

2023-05-16 21:30

Modified

2023-05-25 19:07

Severity ?

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Summary

Moodle vulnerable to stored Cross-site Scripting

Details

Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to the improper input sanitization on the "Additional HTML Section" via "Header and Footer" parameter in /admin/settings.php. This vulnerability may lead an attacker to steal admin and all user account cookies by storing the malicious XSS payload in Header and Footer.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "3.10.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-27131"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-05-17T17:05:54Z",
    "nvd_published_at": "2023-05-16T20:15:08Z",
    "severity": "MODERATE"
  },
  "details": "Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to the improper input sanitization on the \"Additional HTML Section\" via \"Header and Footer\" parameter in `/admin/settings.php`. This vulnerability may lead an attacker to steal admin and all user account cookies by storing the malicious XSS payload in Header and Footer.",
  "id": "GHSA-w2pm-fr62-jgv4",
  "modified": "2023-05-25T19:07:51Z",
  "published": "2023-05-16T21:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27131"
    },
    {
      "type": "WEB",
      "url": "https://docs.moodle.org/402/en/Risks"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/moodle/moodle"
    },
    {
      "type": "WEB",
      "url": "https://github.com/p4nk4jv/CVEs-Assigned/blob/master/Moodle-3.10.1-CVE-2021-27131.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Moodle vulnerable to stored Cross-site Scripting"
}

Action not permitted

cve-2021-27131

Vulnerability from cvelistv5

wid-sec-w-2023-1224

Vulnerability from csaf_certbund

gsd-2021-27131

Vulnerability from gsd

ghsa-w2pm-fr62-jgv4

Vulnerability from github

Tags