{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-23T23:20:59.175","vulnerabilities":[{"cve":{"id":"CVE-2009-0487","sourceIdentifier":"cve@mitre.org","published":"2009-02-09T20:30:00.343","lastModified":"2026-06-16T23:05:08.760","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in Mahara before 1.0.9 allows remote attackers to inject arbitrary web script or HTML via a crafted forum post."},{"lang":"es","value":"Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Mahara anterior a v1.0.9, permite a atacantes remotos inyectar secuencias de comandos Web o HTML de su elección a través de un mensaje manipulado en el foro."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:*:*:*:*:*:*:*:*","versionEndIncluding":"1.0.8","matchCriteriaId":"4837AA98-82C6-4F5A-B02E-B89B1E08ADE1"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:0.9.0:*:*:*:*:*:*:*","matchCriteriaId":"D6D7FB07-E62A-40FE-A7BE-C809E6460585"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:0.9.1:*:*:*:*:*:*:*","matchCriteriaId":"62BA0A1B-26BB-47B0-AA9E-5730E433675A"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:0.9.2:*:*:*:*:*:*:*","matchCriteriaId":"3362126C-F6CB-4AB8-9490-C19E43D509D3"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"8B49D797-AF1B-4F7E-A71D-AABD0F802912"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.0.1:*:*:*:*:*:*:*","matchCriteriaId":"18048333-3E64-4AB4-9F20-2B1B8E7AB9FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.0.2:*:*:*:*:*:*:*","matchCriteriaId":"68167317-977B-48EE-9320-2A4539A93B29"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.0.3:*:*:*:*:*:*:*","matchCriteriaId":"CB25DF09-D88F-4633-9956-D64E3497153F"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.0.4:*:*:*:*:*:*:*","matchCriteriaId":"E32430EE-5F2B-4936-A297-2DF55CC22937"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.0.5:*:*:*:*:*:*:*","matchCriteriaId":"1CC0259C-E628-4BBA-9D97-41A130B1E741"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.0.6:*:*:*:*:*:*:*","matchCriteriaId":"974F2D63-488C-41D7-A627-BF9B085A8D10"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.0.7:*:*:*:*:*:*:*","matchCriteriaId":"E26420D4-20D8-4D6D-88B5-C74F39B88720"}]}]}],"references":[{"url":"http://mahara.org/interaction/forum/topic.php?id=198","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://secunia.com/advisories/33813","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/33619","source":"cve@mitre.org"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/48518","source":"cve@mitre.org"},{"url":"http://mahara.org/interaction/forum/topic.php?id=198","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://secunia.com/advisories/33813","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/33619","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/48518","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}