Stored XSS Vulnerability in Moodle's Administration Live Log
CVE-2025-26529

8.3HIGH

Key Information:

Vendor: Moodle Project
Status: Moodle
Vendor: CVE Published:; 24 February 2025

Badges

👾 Exploit Exists🟡 Public PoC

Summary

The vulnerability present in Moodle's site administration live log stems from inadequate sanitization of description information. This flaw allows attackers to inject malicious scripts, which can be executed in the context of an administrator's session, compromising sensitive data and potentially leading to unauthorized actions within the platform. It is vital for users to apply the latest patches and prevent exploitation by enhancing input validation and sanitization processes.

Affected Version(s)

moodle 4.5.0 < 4.5.2

moodle 4.4.0 < 4.4.6

moodle 4.3.0 < 4.3.10

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

moodleTestingEnv
Created by NightBloodz

References

https://moodle.org/mod/forum/discuss.php?d=466145

vendor-advisory

http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=...

patch

CVSS V3.1

Score:

8.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

🟡
Public PoC available
Apr 5, 2025
👾
Exploit known to exist
Apr 5, 2025
Vulnerability published
Feb 24, 2025
Vulnerability Reserved
Feb 12, 2025