{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-11-16T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the survey module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the student role and entering a crafted survey answer."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-02-22T04:57:02", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://moodle.org/mod/forum/discuss.php?d=323231"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49940"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2015-5336", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the survey module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the student role and entering a crafted survey answer."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://moodle.org/mod/forum/discuss.php?d=323231", "refsource": "CONFIRM", "url": "https://moodle.org/mod/forum/discuss.php?d=323231"}, {"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49940", "refsource": "CONFIRM", "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49940"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T06:41:09.282Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://moodle.org/mod/forum/discuss.php?d=323231"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49940"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-5336", "datePublished": "2016-02-22T02:00:00", "dateReserved": "2015-07-01T00:00:00", "dateUpdated": "2024-08-06T06:41:09.282Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*", "matchCriteriaId": "9F3E36CA-026A-4262-8CB7-73E0FC315A45", "versionEndIncluding": "2.6.11", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "4E051AAC-EB40-491F-AF0E-EE8143C12567", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "FADBE87F-1855-453B-B958-0CB8A7908A06", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "1B53A7D2-BDA2-4185-97C3-977A04876A37", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "A51DFFA8-DFF0-429C-B697-F82F41621FEE", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "19FD1565-0DA1-4BA8-A501-86F13D3D29ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.7.5:*:*:*:*:*:*:*", "matchCriteriaId": "6D82CFE8-C38D-4FF3-BC4F-6C27AD64D9A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "FEB754AF-3DA4-4459-A53B-3BC7B78CE313", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "F57E8383-C3F3-480C-B9A9-49633DAAEC18", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "645E8B7B-1AE6-4F46-AFA9-7506685CD571", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.7.9:*:*:*:*:*:*:*", "matchCriteriaId": "0316A26A-8B51-4226-8D56-4A798A2D798D", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.7.10:*:*:*:*:*:*:*", "matchCriteriaId": "DF5A44BF-A70E-4AEF-9A3C-E03809744AB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "12737AF4-B2D5-4661-B06A-6A06FE95EC2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "88C59A94-D225-478A-B23E-41C4324BC643", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "192EA69B-A1E1-4E0D-8E73-76EB74CCDE49", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "D88385B1-EEFB-4825-BD8F-215C39FD86DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "A3BE2782-D167-4237-B57D-2E4C04571524", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "F277F979-12FA-47A5-B0A5-D174C2127A7D", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "38498617-8E45-4E73-AE9F-C7A0D18FDE47", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "C9047769-BFF4-42DB-8B19-F6D16FA910A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "73A75ACE-FED2-4830-B259-744ABF25463E", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9224D94-1C48-468C-A39B-B2694ED178F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "1C7EE9AD-E122-4288-9416-6D8F8790D75D", "vulnerable": true}, {"criteria": "cpe:2.3:a:moodle:moodle:2.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "C4FC2CC1-787B-480F-BC41-538CE2507CB7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the survey module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the student role and entering a crafted survey answer."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de XSS en el m\u00f3dulo survey en Moodle hasta la versi\u00f3n 2.6.11, 2.7.x en versiones anteriores a 2.7.11, 2.8.x en versiones anteriores a 2.8.9 y 2.9.x en versiones anteriores a 2.9.3 permiten a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios aprovechando el rol estudiante e introduciendo una respuesta de encuesta manipulada."}], "id": "CVE-2015-5336", "lastModified": "2024-11-21T02:32:49.113", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "[email protected]", "type": "Primary"}]}, "published": "2016-02-22T05:59:14.530", "references": [{"source": "[email protected]", "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49940"}, {"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://moodle.org/mod/forum/discuss.php?d=323231"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49940"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://moodle.org/mod/forum/discuss.php?d=323231"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "[email protected]", "type": "Primary"}]}

{}