CVE-2025-60507 | Moodle GeniAI Plugin: Reflected & Stored XSS via PDF Upload & Prompt Injection

PoC — Moodle GeniAI plugin (local_geniai) v2.3.6

Important: These PoCs are for an isolated, consented test environment only (e.g., local Bitnami Moodle Docker). Do not run tests against production or third-party systems. Use non-exfiltrative payloads (e.g., alert('stored-xss')) for public demonstrations. Redact any real usernames/hostnames in screenshots before publishing.


Summary

This PoC demonstrates three related vectors observed during testing of local_geniai v2.3.6:

  • Stored XSS via an uploaded PDF resource that the assistant exposes as an unsanitized clickable link.
  • Reflected XSS via chatbot input that is returned and rendered unsanitized in the chat UI.
  • LLM-assisted delivery / Prompt Injection, where the assistant (LLM) returns HTML or raw links that can be used to deliver stored payloads to other users.

During testing the following public PDF collection was used as the uploaded file source (lab-only): https://github.com/luigigubello/PayloadsAllThePDFs/blob/main/pdf-payloads/starter_pack.pdf

in Cybersecurity, responsibledisclosure, Cybersecurity, Penetration Testing

CVE-2025-60506 | Stored Cross-Site Scripting (XSS) in Moodle PDF Annotator plugin (v1.5 release 9)

Summary

  • Vulnerability: Stored Cross-Site Scripting (XSS) in Moodle PDF Annotator plugin (mod_pdfannotator) — Public Comments rendering.
  • CVE: CVE-2025-60506 (assigned)
  • Discoverer: Onurcan Genç — Independent Security Researcher
  • Tested environment: Bitnami Docker image for Moodle 4.x
  • Plugin: mod_pdfannotator v1.5 (release 9, build 2025090300)
  • Browser used during testing: Chrome (headless / visible)

Vulnerability Summary

The Public Comments feature in the PDF Annotator plugin fails to properly sanitize user-supplied input before rendering it inside the PDF viewer’s comment panel. A low-privileged authenticated user (e.g., Student) can inject HTML/JavaScript into the Public Comments field; that content is stored and later executed in the browsers of other users (Student, Teacher, Admin) when they open the annotated PDF.

in ResponsibleDisclosure, OffensiveSecurity, Moodle, PenetrationTesting

IDOR in Moodle OpenAI Chat Block (block_openai_chat) | Proof of Concept (PoC) – CVE-2025-60511

Vulnerability Summary

  • Vulnerability Type: Insecure Direct Object Reference (IDOR)
  • Component: Moodle – OpenAI Chat Block Plugin (block_openai_chat) v3.0.1 (Build: 2025021700)
  • Endpoint: /blocks/openai_chat/api/completion.php
  • Vulnerable Parameter: blockId
  • Impact: Information Disclosure, Privilege Escalation, Potential Model Misuse
  • Attack Prerequisites: Authenticated low-privileged user (e.g., student or teacher)

Technical Description

The completion.php endpoint uses the blockId parameter to determine which chat block configuration (prompt templates, source of truth entries, model settings) to use when processing OpenAI completions.

in ResponsibleDisclosure, Cybersecurity, CVE, MITRE, OffensiveSecurity

CVE-2025-57520 – Stored XSS in Decap CMS (<= 3.8.3)

This vulnerability has been assigned CVE-2025-57520 by MITRE.

Vulnerability Summary

  • Vulnerability Type: Stored Cross-Site Scripting (XSS)
  • Affected Versions: Decap CMS <= 3.8.3
  • Affected Component: Admin Panel → Content Preview Renderer (title, tags, description, body)
  • Impact: Session hijacking, credential theft, arbitrary JavaScript execution in privileged user context
  • Discoverer: Onurcan Genç – Independent Security Researcher

Scenario Flow

  1. Contributor (low privilege) injects a malicious payload into a blog entry.
  2. Editor/Admin (high privilege) later opens the entry in the preview panel.
  3. The payload executes in the privileged user’s browser context.

The vulnerability was verified under both contributor and editor roles. The most severe impact is observed when an admin user views the malicious entry in preview mode, leading to stored XSS execution in the privileged context.

in Cybersecurity, Project, OffensiveSecurity

NucAIScan: An AI-Powered Web Application Security Scanner

Hello everyone! About a week ago, I started working on a new idea that turned into a project I now call NucAIScan. Initially, I had no plans to build anything related to offensive security or cyber threat intelligence since my main focus was preparing for the eWPTX exam. But sometimes, inspiration shows up when you least expect it.

During a holiday break, a bug bounty friend of mine said:

“If we could automate scanners like Acunetix for large scopes, we could literally earn rewards just by running them and submitting the results.”

in Cybersecurity, eWPT, Cybersecurity, Penetration Testing

eWPT Exam Guide: Strategies, Study Materials, and Final Takeaways

Hi everyone! In this article, I’d like to share my eWPT (eLearnSecurity Web Application Penetration Tester) exam experience. I’ll walk you through my expectations before the test, my exam-day approach, the materials I used to prepare, and some final thoughts.

Overall, the exam does a good job covering what a web application penetration tester should know. However, it is heavily focused on CMS exploitation (WordPress, Drupal, Joomla), which doesn’t always reflect the wide variety of applications we encounter in real-world scenarios.