{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Moodle version 2.2.2+ ;","product":{"name":"Moodle","vendor":{"name":"Moodle","scada":false}}},{"description":"Moodle version 2.2 ;","product":{"name":"Moodle","vendor":{"name":"Moodle","scada":false}}},{"description":"Moodle versions 2.1 \u00e0 2.1.5+ ;","product":{"name":"Moodle","vendor":{"name":"Moodle","scada":false}}},{"description":"Moodle versions 2.0 \u00e0 2.0.8+.","product":{"name":"Moodle","vendor":{"name":"Moodle","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2012-2358","url":"https://www.cve.org/CVERecord?id=CVE-2012-2358"},{"name":"CVE-2012-2355","url":"https://www.cve.org/CVERecord?id=CVE-2012-2355"},{"name":"CVE-2012-2356","url":"https://www.cve.org/CVERecord?id=CVE-2012-2356"},{"name":"CVE-2012-2353","url":"https://www.cve.org/CVERecord?id=CVE-2012-2353"},{"name":"CVE-2012-2354","url":"https://www.cve.org/CVERecord?id=CVE-2012-2354"},{"name":"CVE-2012-2357","url":"https://www.cve.org/CVERecord?id=CVE-2012-2357"},{"name":"CVE-2012-2360","url":"https://www.cve.org/CVERecord?id=CVE-2012-2360"},{"name":"CVE-2012-2359","url":"https://www.cve.org/CVERecord?id=CVE-2012-2359"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Moodle MSA-12-0030 du 21 mai 2012 :","url":"http://moodle.org/mod/forum/discuss.php?d=203048"},{"title":"Bulletin de s\u00e9curit\u00e9 Moodle MSA-12-0025 du 21 mai 2012 :","url":"http://moodle.org/mod/forum/discuss.php?d=203042"},{"title":"Bulletin de s\u00e9curit\u00e9 Moodle MSA-12-0026 du 21 mai 2012 :","url":"http://moodle.org/mod/forum/discuss.php?d=203043"},{"title":"Bulletin de s\u00e9curit\u00e9 Moodle MSA-12-0031 du 21 mai 2012 :","url":"http://moodle.org/mod/forum/discuss.php?d=203049"},{"title":"Bulletin de s\u00e9curit\u00e9 Moodle MSA-12-0027 du 21 mai 2012 :","url":"http://moodle.org/mod/forum/discuss.php?d=203044"},{"title":"Bulletin de s\u00e9curit\u00e9 Moodle MSA-12-0024 du 21 mai 2012 :","url":"http://moodle.org/mod/forum/discuss.php?d=203041"},{"title":"Bulletin de s\u00e9curit\u00e9 Moodle MSA-12-0028 du 21 mai 2012 :","url":"http://moodle.org/mod/forum/discuss.php?d=203045"},{"title":"Bulletin de s\u00e9curit\u00e9 Moodle MSA-12-0029 du 21 mai 2012 :","url":"http://moodle.org/mod/forum/discuss.php?d=203046"}],"reference":"CERTA-2012-AVI-290","revisions":[{"description":"version initiale.","revision_date":"2012-05-22T00:00:00.000000"}],"risks":[{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Injection de code indirecte \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"Huit vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans <span\nclass=\"textit\">Moodle</span>. La majorit\u00e9 d'entre elles permettent un\nacc\u00e8s \u00e0 des zones ou donn\u00e9es \u00e0 acc\u00e8s limit\u00e9s. Une vuln\u00e9rabilit\u00e9 concerne\nune injection de code indirecte \u00e0 distance (XSS) dans le titre des pages\nwiki.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Moodle","vendor_advisories":[{"published_at":null,"title":"Bulletins de s\u00e9curit\u00e9 Moodle du 21 mai 2012","url":null}]}