
CVE-2021-43558: Cross-site Scripting in moodle

CVSS Score
6.1 (CVSS v3.1)

Basic Information

EPSS Score
0.68839%
Published
11/23/2021
Updated
1/27/2023
KEV Status
No
Technology
PHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Package Name    Ecosystem   Vulnerable Versions     First Patched Version
moodle/moodle   composer    >= 3.11.0, < 3.11.4     3.11.4
moodle/moodle   composer    >= 3.10.0, < 3.10.8     3.10.8
moodle/moodle   composer    >= 3.9.0, < 3.9.11      3.9.11

Vulnerability Intelligence

Root Cause Analysis

The vulnerability is in how the filetype site administration tool handles a URL parameter. Exact commit details are not available here, but Moodle's security notice (MSA-21-0040) and its tracker reference (MDL-72571) state that the fix added sanitizing of a URL parameter in that tool. The tool's edit form (admin/tool/filetypes/classes/form/edit.php) is the likely location, since that is where filetype parameters are read from the request and rendered back into the page. The pattern is reflected XSS: a request parameter is written into HTML output without escaping for its output context. Closing that pattern in Moodle code takes two steps, and the two are not interchangeable: read the parameter with a PARAM_* type no looser than the field needs (for example PARAM_ALPHANUMEXT for an identifier; PARAM_TEXT is an input-cleaning type, not an output escape), and escape the value for the context it is rendered into (s() for HTML text and attribute values, or format_string() for a user-visible label).
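The pattern just described, a request parameter rendered into form HTML unescaped, next to the clean-on-input plus escape-on-output fix, as an added example in plain PHP. It is written for this page; it is not Moodle's code and not the MSA-21-0040 patch. The parameter names `extension` and `description`, the markup and the crafted request are assumptions, and where a plain-PHP call has a Moodle equivalent (required_param() with a PARAM_* type, s()) the comment names it.

```php
<?php
// Added example, not Moodle's code: the reflected-XSS pattern from the root
// cause analysis and the two fixes that close it, in plain PHP so it runs
// stand-alone (`php filetype_xss.php`). Parameter names and markup are
// assumptions; the actual Moodle parameter is not named on this page.
declare(strict_types=1);

// Vulnerable pattern: the request parameter is copied verbatim into an HTML
// attribute, so a crafted URL injects markup into the admin page.
function render_vulnerable(array $query): string
{
    $extension = $query['extension'] ?? '';
    return '<input type="text" name="extension" value="' . $extension . '">';
}

// Fix 1, input cleaning: accept only the character set the field needs.
// Moodle equivalent: required_param('extension', PARAM_ALPHANUMEXT).
function clean_alphanumext(string $value): string
{
    return preg_replace('/[^A-Za-z0-9_-]/', '', $value) ?? '';
}

// Fix 2, output escaping for the HTML attribute context.
// Moodle equivalent: s($value), a wrapper around htmlspecialchars().
function escape_html(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hardened identifier field: clean on input AND escape on output. Cleaning
// alone breaks the day the field is widened; escaping alone still lets raw
// data reach other sinks, so both are applied.
function render_hardened(array $query): string
{
    $extension = clean_alphanumext((string)($query['extension'] ?? ''));
    return '<input type="text" name="extension" value="' . escape_html($extension) . '">';
}

// Hardened free-text field: a description may legitimately contain quotes, so
// only tags are stripped on input (roughly what PARAM_TEXT does) and the
// escaping on output does the real work.
function render_hardened_text(array $query): string
{
    $description = strip_tags((string)($query['description'] ?? ''));
    return '<input type="text" name="description" value="' . escape_html($description) . '">';
}

// Constructed attack request: break out of the attribute and inject script.
$crafted = [
    'extension'   => '"><script>alert(document.cookie)</script>',
    'description' => 'Plain "text" <img src=x onerror=alert(1)>',
];

echo "vulnerable:    " . render_vulnerable($crafted) . "\n";
echo "hardened:      " . render_hardened($crafted) . "\n";
echo "hardened text: " . render_hardened_text($crafted) . "\n";

// Self-check: the text inside value="..." of each hardened output must contain
// no raw '<', '>' or '"', otherwise the attribute can still be broken out of.
foreach ([render_hardened($crafted), render_hardened_text($crafted)] as $html) {
    $value = substr($html, strpos($html, 'value="') + 7, -2);
    if (strpbrk($value, '<>"') !== false) {
        fwrite(STDERR, "escaping failed: $html\n");
        exit(1);
    }
}
```

Run it and compare the three lines: the vulnerable output closes the attribute and emits a live script tag, the hardened identifier output reduces the payload to `scriptalertdocumentcookiescript`, and the hardened text output keeps the quotes as `&quot;` so the attribute stays intact.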

WAF Protection Rules

WAF Rule

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A URL parameter in the filetype site administrator tool required extra sanitizing to prevent a reflected XSS risk.
