Vulnerability
The Jmol/JSmol plugin is used to display chemical structures in Moodle using Java and JavaScript.The plugin uses a PHP server-side proxy to bypass client-side security constraints while loading third-party resources.This PHP proxy script calls the function file_get_contents() on unvalidated user input.
Impact
In the default PHP setup, this makes Moodle instances with this plugin vulnerable to directory traversal and server-side request forgery. If PHP’s “expect” wrapper is enabled, this may also result in remote code execution vulnerability.
Mitigation / Precaution
In order to patch this vulnerability, we recommend you to update the Jmol plugin to the latest version.
Written by
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
