#VU31205 Cross-site scripting in Moodle - CVE-2018-14631

Cybersecurity Help s.r.o.

Published: 2018-09-17 | Updated: 2020-07-17

Vulnerability identifier: #VU31205

Vulnerability risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-14631

CWE-ID: CWE-79

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Moodle
Web applications / Other software

Vendor: moodle.org

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

moodle before versions 3.5.2, 3.4.5, 3.3.8 is vulnerable to a boost theme - blog search GET parameter insufficiently filtered. The breadcrumb navigation provided by Boost theme when displaying search results of a blog were insufficiently filtered, which could result in reflected XSS if a user followed a malicious link containing JavaScript in the search parameter.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Moodle: 3.5.0 beta - 3.5.1

External links
https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-62857
https://www.securityfocus.com/bid/105371
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14631
https://moodle.org/mod/forum/discuss.php?d=376025

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in moodle Moodle