Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2022-35653: Cross-site Scripting in Moodle

Severity
6.1 MEDIUM (NVD)
EPSS
81.1%
top 0.84%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Timeline
Published: Jul 25
Latest update: May 3

Description

A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website, in order to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks. This vulnerability does not impact a

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploitability: 2.8 | Impact: 2.7

Affected Packages (3 packages)

Source | Package | Introduced | Fixed
NVD | moodle/moodle | 3.9.0 | 3.9.15 (+3)
Packagist | moodle/moodle | 4.0 | 4.0.2 (+2)
CVEListV5 | moodle/moodle | Fixed in moodle 4.0.2, moodle 3.11.8, moodle 3.9.15

Also affects: Fedora 35, 36, Enterprise Linux 8.0

Patches

🔴 Vulnerability Details (5)

GHSA: Moodle LTI module reflected XSS risk (2022-07-26)
OSV: Moodle LTI module reflected XSS risk (2022-07-26)
CVEList: CVE-2022-35653: A reflected XSS issue was identified in the LTI module of Moodle (2022-07-25)
OSV: CVE-2022-35653: A reflected XSS issue was identified in the LTI module of Moodle (2022-07-25)
VulnCheck: Moodle moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (2022)

💥 Exploits & PoCs (1)

Nuclei: Moodle LTI module Reflected - Cross-Site Scripting

🕵️ Threat Intelligence (1)

Greynoiseio: NoiseLetter June 2025

💬 Community (1)

HackerOne: Reflected XSS via Moodle on ███ [CVE-2022-35653] (2024-05-03)
CVE-2022-35653 — Cross-site Scripting in Moodle | cvebase