## https://sploitus.com/exploit?id=A6DEE749-9372-5AE2-BF85-CC0B7E5C3E73
# PoC for CVE-2025-26529 โ Moodle XSS to RCE Exploit
This is a Proof of Concept (PoC) demonstrating the SSRF to XSS โ XSS to RCE vulnerability chain in Moodle.
## Overview
Iโve uploaded all the necessary files to demonstrate the full chain of exploitation:
1. **SSRF to XSS**
2. **Grabbing the admin cookie**
3. **Using the admin cookie to achieve Remote Code Execution (RCE) in Moodle**
Tested on Moodle version **4.4.5 (Build: 20241209)**.
## Important Instructions
Before proceeding, **make sure to carefully review the files**. You'll need to modify certain elements like your **IP address**.
## PoC Video
For a step-by-step walkthrough, Iโve also uploaded a video demonstrating the exploit:
[PoC for CVE-2025-26529](https://youtu.be/WUUBz1Pq-o4)
## Mitigation Recommendations
To mitigate this vulnerability:
- **Disable the guest user** in Moodle.
- **Update to the latest version** of Moodle.
## Credits
Special thanks to **p0dalirius**, from whom I got the plugin used to upload and gain Remote Code Execution in Moodle.