Candidate: CVE-2012-2360
PublicDate: 2012-07-21 03:38:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2360
 http://www.openwall.com/lists/oss-security/2012/05/23/2
Description:
 Cross-site scripting (XSS) vulnerability in the Wiki subsystem in Moodle
 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows
 remote authenticated users to inject arbitrary web script or HTML via a
 crafted string that is inserted into a page title.
Ubuntu-Description:
Notes:
 jdstrand> moodle 2.0 and higher
Bugs:
Priority: medium
Discovered-by: Sam Hemelryk
Assigned-to:
CVSS: 

Patches_moodle:
 upstream: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-32018
upstream_moodle: released (2.2.3.dfsg-1)
hardy_moodle: ignored (reached end-of-life)
lucid_moodle: not-affected
natty_moodle: not-affected
oneiric_moodle: not-affected
precise_moodle: not-affected (1.9.9.dfsg2-6)
precise/esm_moodle: DNE (precise was not-affected [1.9.9.dfsg2-6])
quantal_moodle: ignored (reached end-of-life)
raring_moodle: ignored (reached end-of-life)
saucy_moodle: ignored (reached end-of-life)
trusty_moodle: not-affected (2.5.4-1ubuntu1)
trusty/esm_moodle: DNE (trusty was not-affected [2.5.4-1ubuntu1])
utopic_moodle: ignored (reached end-of-life)
vivid_moodle: ignored (reached end-of-life)
vivid/stable-phone-overlay_moodle: DNE
vivid/ubuntu-core_moodle: DNE
wily_moodle: ignored (reached end-of-life)
xenial_moodle: not-affected (2.5.4-1ubuntu1)
yakkety_moodle: ignored (reached end-of-life)
zesty_moodle: ignored (reached end-of-life)
artful_moodle: ignored (reached end-of-life)
bionic_moodle: not-affected (2.5.4-1ubuntu1)
cosmic_moodle: not-affected (2.5.4-1ubuntu1)
devel_moodle: not-affected (2.5.4-1ubuntu1)