Moodle · Moodle Lms Jmol Plugin · CVE-2025-34031
Name of the Vulnerable Software and Affected Versions:
Moodle LMS Jmol plugin versions 6.1 and prior
Description:
A path traversal vulnerability exists in the Moodle LMS Jmol plugin via the `query` parameter of jsmol.php. The script passes the parameter value directly to PHP's `file_get_contents()` without validating or constraining it, so an attacker who crafts the value (for example with `../` sequences or an absolute path) can read arbitrary files that the web server process can access. The request requires no authentication, and the readable files include the site's configuration, which may expose sensitive data such as database credentials.
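The following PHP is an added example, not the plugin's source or an excerpt of jsmol.php: it stands in for the pattern the advisory describes (a request parameter handed straight to `file_get_contents()`) and contrasts it with a hardened version that confines reads to one directory. The directory layout, file names and the `$CFG->dbpass` value are constructed for the demonstration; `vulnerable_read()` and `safe_read()` are hypothetical helper names.

```php
<?php
declare(strict_types=1);

// Added illustration, not the plugin's actual source: a stand-in for the pattern the
// advisory describes (request parameter passed straight to file_get_contents()),
// followed by a hardened equivalent that confines reads to one directory.

// Vulnerable pattern: whatever arrives in 'query' is handed to file_get_contents().
function vulnerable_read(array $request): string|false
{
    $query = (string) ($request['query'] ?? '');
    return file_get_contents($query); // '../config.php', '/etc/passwd', 'php://filter/...'
}

// Hardened: resolve the requested name inside an allow-listed base directory and
// refuse anything that escapes it. Throws InvalidArgumentException on rejection.
function safe_read(string $baseDir, string $userPath): string
{
    $base = realpath($baseDir);
    if ($base === false) {
        throw new RuntimeException("base directory not found: $baseDir");
    }
    // Refuse stream wrappers (php://, data://, http://) and absolute paths up front.
    if (preg_match('#^[a-z][a-z0-9+.\-]*://#i', $userPath) === 1
        || str_starts_with($userPath, '/') || str_starts_with($userPath, '\\')) {
        throw new InvalidArgumentException('absolute paths and URL wrappers are not allowed');
    }
    // realpath() collapses '..' and symlinks, and returns false for missing files.
    $target = realpath($base . DIRECTORY_SEPARATOR . $userPath);
    if ($target === false || !str_starts_with($target, $base . DIRECTORY_SEPARATOR)) {
        throw new InvalidArgumentException('path escapes the allowed directory');
    }
    $data = file_get_contents($target);
    if ($data === false) {
        throw new RuntimeException("read failed: $target");
    }
    return $data;
}

// --- Demonstration on a constructed directory layout (hypothetical contents) ---
$root = sys_get_temp_dir() . '/jsmol_demo_' . bin2hex(random_bytes(4));
mkdir("$root/data", 0700, true);
file_put_contents("$root/data/molecule.xyz", "3\nwater\nO 0 0 0\nH 0 0 1\nH 0 1 0\n");
file_put_contents("$root/config.php", "<?php \$CFG->dbpass = 'hypothetical-secret';\n");
chdir("$root/data");

// Vulnerable: one '../' is enough to read the config file next to the data directory.
echo "vulnerable_read: ", vulnerable_read(['query' => '../config.php']);

// Hardened: the legitimate file is served, the traversal attempts are rejected.
echo "safe_read ok: ", safe_read("$root/data", 'molecule.xyz');
foreach (['../config.php', "$root/config.php", 'php://filter/resource=../config.php'] as $p) {
    try {
        safe_read("$root/data", $p);
        echo "ALLOWED (unexpected): $p\n";
    } catch (InvalidArgumentException $e) {
        echo "blocked: $p (", $e->getMessage(), ")\n";
    }
}
```

Run it with `php example.php` on PHP 8.0 or later (`str_starts_with` and the `string|false` return type need 8.0). The containment check compares the `realpath()` of the resolved target against the base directory with a trailing separator, so `../` sequences, absolute paths and symlinks that point outside the base are all rejected; the wrapper check is there because `realpath()` alone would not stop `php://filter` or `data://` inputs from reaching `file_get_contents()`.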
Recommendations:
For Moodle LMS Jmol plugin versions 6.1 and prior, no fixed release is known at the time of writing. As a temporary workaround, restrict access to jsmol.php at the web server (deny the file outright, or limit it to trusted clients) until a patch is available; if the plugin's server-side JSmol features are not needed, removing jsmol.php is the simplest option. Disabling `file_get_contents()` globally through PHP's `disable_functions` would also close the hole, but it is not practical on a Moodle host, since Moodle core itself relies on that function. Until the issue is resolved, treat any request that supplies a `query` value to jsmol.php as suspicious and check web server logs for traversal sequences or absolute paths in that parameter.