CVE-2022-35651 — Moodle Stored XSS and blind SSRF possible via SCORM track details

Description

A stored XSS and blind SSRF vulnerability was found in Moodle, occurs due to insufficient sanitization of user-supplied data in the SCORM track details. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website to steal potentially sensitive information, change appearance of the web page, can perform phishing and drive-by-download attacks.

How to fix CVE-2022-35651

To remediate CVE-2022-35651, upgrade the affected package to a fixed version below.

—upgrade to 3.9.15 or later
—upgrade to 3.9.15 or later

Is CVE-2022-35651 being exploited?

Low — EPSS is 0.3%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

>= 3.9.0, < 3.9.15, >= 3.11.0, < 3.11.8, >= 4.0.0, < 4.0.2
>= 3.9, < 3.9.15

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References (9)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2022-35651
PATCHgithub.com/moodle/moodle
WEBgit.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-71921
WEBbugzilla.redhat.com/show_bug.cgi?id=2106275