Loading video...
Video Failed to Load
🚨CVE-2025-26529: Moodle XSS to RCE Exploit Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk.
22,929 views • 5 months ago •via X (Twitter)
0 Comments
No comments available
Comments from the original post will appear here
![I found 2 stored XSS vulnerabilities in ChatGPT. The XSS bug was the easy part, but sharing it required bypassing CSP, leveraging a mass assignment issue for client-side path traversal (thanks Critical Thinking - Bug Bounty Podcast) to force a request to a BFLA endpoint. 🧵 [1/5]](https://image.24vids.com/tw-1759603359646974386/ext_tw_video_thumb/1759601545237123072/pu/img/4bLMowPD_SddiD54.jpg)
![I said I'm going to publish a technical article on how to test newsletter subscription functionality for BAC/XSS, I'll just drop it here instead; before we jump into testing these "newsletter subscription" features, we need to find them; here's a dork I use to find them [ site: ("subscribe"|"newsletter"|"unsubscribe") ]... most hackers don't look into these features, so this is a good opportunity; you can find vulnerabilities like XSS, IDOR/BAC, and even SQLi. In some cases the form only asks for your email, no name, country, etc. That doesn't stop you from testing XSS, but it can make IDOR testing harder to spot... if the email you enter is reflected back on the page, that's a great vector to test for XSS.](https://image.24vids.com/tw-1986132356822929604/amplify_video_thumb/1986132057987186689/img/guLXAOUvmNJiFf4X.jpg)
