{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T05:06:52.258","vulnerabilities":[{"cve":{"id":"CVE-2011-0439","sourceIdentifier":"cve@mitre.org","published":"2011-03-28T16:55:04.153","lastModified":"2026-04-29T01:13:23.040","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in Mahara 1.2.x before 1.2.7 and 1.3.x before 1.3.4 allows remote attackers to inject arbitrary web script or HTML via the Pieforms select box."},{"lang":"es","value":"Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Mahara v1.2.x anteriores a v1.2.7 y v1.3.x anteriores a 1.3.4, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de la caja de selección de Pieforms.\r\n"}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.2.0:*:*:*:*:*:*:*","matchCriteriaId":"9BAF00FF-8F66-4C6A-B88B-810F2DC96A16"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.2.0:alpha1:*:*:*:*:*:*","matchCriteriaId":"ED69BC0A-7C5F-4914-8030-B8FD113AEA48"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.2.0:alpha2:*:*:*:*:*:*","matchCriteriaId":"4A62AC27-3F69-4705-8C66-CBAED72A9EC9"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.2.0:alpha3:*:*:*:*:*:*","matchCriteriaId":"299920CB-3F4D-44C9-B0DB-E903C9DC1EC9"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.2.0:beta1:*:*:*:*:*:*","matchCriteriaId":"49753C3B-2025-497A-AF5F-30949ACD0742"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.2.0:beta2:*:*:*:*:*:*","matchCriteriaId":"3E5CFB7A-3C90-4394-BECA-7C31D06A69E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.2.0:beta3:*:*:*:*:*:*","matchCriteriaId":"8C767369-1F19-44C7-A8E8-EEA7C52DF1BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.2.0:beta4:*:*:*:*:*:*","matchCriteriaId":"E115E0FC-B489-4294-ACF7-59C693602AF2"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.2.0:rc1:*:*:*:*:*:*","matchCriteriaId":"A8C9CDAB-9F01-42CE-AB1F-CC81B2D145EC"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.2.1:*:*:*:*:*:*:*","matchCriteriaId":"604DD0C5-7432-45AB-AA7C-F6018F2CC479"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.2.2:*:*:*:*:*:*:*","matchCriteriaId":"D4397E8D-502A-41B5-AE03-223616BA7A80"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.2.3:*:*:*:*:*:*:*","matchCriteriaId":"9C25DD02-C589-4A65-A87D-73BB0392D964"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.2.4:*:*:*:*:*:*:*","matchCriteriaId":"2FDB8082-B11B-4485-92AC-B7F9088D7E4C"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.2.5:*:*:*:*:*:*:*","matchCriteriaId":"08A0B2A1-A3AB-4EFC-BE3D-57D38B315107"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.2.6:*:*:*:*:*:*:*","matchCriteriaId":"016E86B6-B450-499B-852C-A68803127936"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.3.3:*:*:*:*:*:*:*","matchCriteriaId":"0262773C-58A6-4706-B5A2-5C60EC798A91"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.3.0:*:*:*:*:*:*:*","matchCriteriaId":"1C602276-C0AE-46EC-972E-0D32C31AEFA4"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.3.0:beta1:*:*:*:*:*:*","matchCriteriaId":"69B261E9-9F73-442C-A234-8E95A72BE0F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.3.0:beta2:*:*:*:*:*:*","matchCriteriaId":"71E57083-FAC5-4F98-AFB4-7449D38396FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.3.0:beta3:*:*:*:*:*:*","matchCriteriaId":"8DCBBD59-FB74-420C-A652-7B392A0DA468"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.3.0:beta4:*:*:*:*:*:*","matchCriteriaId":"F0626B4E-1A96-4FD3-B3A9-A99B4DEC52EA"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.3.0:rc1:*:*:*:*:*:*","matchCriteriaId":"B54F4801-9C4D-47CA-AE0E-022AEA212D1C"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.3.1:*:*:*:*:*:*:*","matchCriteriaId":"4E7BED57-573D-4F3E-923A-C7ECF2C7B2F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:mahara:mahara:1.3.2:*:*:*:*:*:*:*","matchCriteriaId":"B41ED313-9CB3-4BBB-9FAF-737FFE7CBD9C"}]}]}],"references":[{"url":"http://mahara.org/interaction/forum/topic.php?id=3205","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://mahara.org/interaction/forum/topic.php?id=3208","source":"cve@mitre.org","tags":["Patch"]},{"url":"http://secunia.com/advisories/43858","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.debian.org/security/2011/dsa-2206","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/47033","source":"cve@mitre.org"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/66327","source":"cve@mitre.org"},{"url":"http://mahara.org/interaction/forum/topic.php?id=3205","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://mahara.org/interaction/forum/topic.php?id=3208","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"http://secunia.com/advisories/43858","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.debian.org/security/2011/dsa-2206","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/47033","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/66327","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}