{"api_version":"1","generated_at":"2026-05-30T00:41:40+00:00","cve":"CVE-2012-6112","urls":{"html":"https://cve.report/CVE-2012-6112","api":"https://cve.report/api/cve/CVE-2012-6112.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2012-6112","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2012-6112"},"summary":{"title":"CVE-2012-6112","description":"classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 and other products, does not properly handle control characters, which allows remote attackers to trigger arbitrary outbound HTTP requests via a crafted string.","state":"PUBLISHED","assigner":"redhat","published_at":"2013-01-27 22:55:04","updated_at":"2026-04-29 01:13:23"},"problem_types":["CWE-264","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"5","severity":"","vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"}}],"references":[{"url":"http://www.tinymce.com/develop/changelog/?type=phpspell","name":"http://www.tinymce.com/develop/changelog/?type=phpspell","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"TinyMCE - Changelog for \"PHP Spellchecker\"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37283","name":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37283","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Official Moodle git projects - moodle.git/search","mime":"text/xml","httpstatus":"200","archivestatus":"200"},{"url":"http://www.tinymce.com/forum/viewtopic.php?id=30036","name":"http://www.tinymce.com/forum/viewtopic.php?id=30036","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"TinyMCE - Forum / TinyMCE / News / TinyMCE Spellchecker PHP 2.0.6.1 Released","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://moodle.org/mod/forum/discuss.php?d=220157","name":"https://moodle.org/mod/forum/discuss.php?d=220157","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Moodle.org: MSA-13-0001: Security issue in Google Spellchecker in TinyMCE","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/tinymce/tinymce_spellchecker_php/commit/22910187bfb9edae90c26e10100d8145b505b974","name":"https://github.com/tinymce/tinymce_spellchecker_php/commit/22910187bfb9edae90c26e10100d8145b505b974","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Fixed security issue with google spellchecker · tinymce/tinymce_spellchecker_php@2291018 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://openwall.com/lists/oss-security/2013/01/21/1","name":"http://openwall.com/lists/oss-security/2013/01/21/1","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"oss-security - Moodle security notifications public","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2012-6112","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-6112","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.1.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.1.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.1.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.1.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.1.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.1.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.1.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.1.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.1.9","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.2.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.2.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.2.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.2.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.2.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.2.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.3.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.3.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.3.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.3.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"moodle","cpe5":"moodle","cpe6":"2.4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"tinymce","cpe5":"spellchecker_php","cpe6":"2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"tinymce","cpe5":"spellchecker_php","cpe6":"2.0","cpe7":"a1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"tinymce","cpe5":"spellchecker_php","cpe6":"2.0","cpe7":"a2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"tinymce","cpe5":"spellchecker_php","cpe6":"2.0","cpe7":"b1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"tinymce","cpe5":"spellchecker_php","cpe6":"2.0","cpe7":"b2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"tinymce","cpe5":"spellchecker_php","cpe6":"2.0","cpe7":"b3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"tinymce","cpe5":"spellchecker_php","cpe6":"2.0","cpe7":"rc1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"tinymce","cpe5":"spellchecker_php","cpe6":"2.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"tinymce","cpe5":"spellchecker_php","cpe6":"2.0.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"tinymce","cpe5":"spellchecker_php","cpe6":"2.0.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6112","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"tinymce","cpe5":"spellchecker_php","cpe6":"2.0.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-06T21:28:38.908Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://github.com/tinymce/tinymce_spellchecker_php/commit/22910187bfb9edae90c26e10100d8145b505b974"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.tinymce.com/forum/viewtopic.php?id=30036"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37283"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.tinymce.com/develop/changelog/?type=phpspell"},{"name":"[oss-security] 20130121 Moodle security notifications public","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2013/01/21/1"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://moodle.org/mod/forum/discuss.php?d=220157"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"descriptions":[{"lang":"en","value":"classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 and other products, does not properly handle control characters, which allows remote attackers to trigger arbitrary outbound HTTP requests via a crafted string."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2013-01-27T22:00:00.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://github.com/tinymce/tinymce_spellchecker_php/commit/22910187bfb9edae90c26e10100d8145b505b974"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.tinymce.com/forum/viewtopic.php?id=30036"},{"tags":["x_refsource_CONFIRM"],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37283"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.tinymce.com/develop/changelog/?type=phpspell"},{"name":"[oss-security] 20130121 Moodle security notifications public","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2013/01/21/1"},{"tags":["x_refsource_CONFIRM"],"url":"https://moodle.org/mod/forum/discuss.php?d=220157"}]}},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2012-6112","datePublished":"2013-01-27T22:00:00.000Z","dateReserved":"2012-12-06T00:00:00.000Z","dateUpdated":"2024-08-06T21:28:38.908Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2013-01-27 22:55:04","lastModifiedDate":"2026-04-29 01:13:23","problem_types":["CWE-264","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tinymce:spellchecker_php:2.0:*:*:*:*:*:*:*","matchCriteriaId":"6163C806-B28B-4773-BF84-53788BD113B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:tinymce:spellchecker_php:2.0:a1:*:*:*:*:*:*","matchCriteriaId":"E81966C7-D128-4CFD-9A52-520D161779C7"},{"vulnerable":true,"criteria":"cpe:2.3:a:tinymce:spellchecker_php:2.0:a2:*:*:*:*:*:*","matchCriteriaId":"0273780B-6A60-41C5-BBDC-7094D83042D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:tinymce:spellchecker_php:2.0:b1:*:*:*:*:*:*","matchCriteriaId":"51351EF6-F5C0-48C6-B81C-EA68EB2AB985"},{"vulnerable":true,"criteria":"cpe:2.3:a:tinymce:spellchecker_php:2.0:b2:*:*:*:*:*:*","matchCriteriaId":"EE7F0375-A2D8-4F04-B5CE-DDEA09EC380A"},{"vulnerable":true,"criteria":"cpe:2.3:a:tinymce:spellchecker_php:2.0:b3:*:*:*:*:*:*","matchCriteriaId":"30DE507D-CDD1-40F2-870A-DC36C4A10CBD"},{"vulnerable":true,"criteria":"cpe:2.3:a:tinymce:spellchecker_php:2.0:rc1:*:*:*:*:*:*","matchCriteriaId":"D919FBFE-DFCB-4A3D-A8E7-F1E79821808D"},{"vulnerable":true,"criteria":"cpe:2.3:a:tinymce:spellchecker_php:2.0.1:*:*:*:*:*:*:*","matchCriteriaId":"EB502999-18F3-48FA-B01F-2A9C75573E89"},{"vulnerable":true,"criteria":"cpe:2.3:a:tinymce:spellchecker_php:2.0.2:*:*:*:*:*:*:*","matchCriteriaId":"35637126-0FE9-4916-8BFE-545618AD542C"},{"vulnerable":true,"criteria":"cpe:2.3:a:tinymce:spellchecker_php:2.0.3:*:*:*:*:*:*:*","matchCriteriaId":"B1C08902-9E25-40FF-8D2D-A61E39E97F6A"},{"vulnerable":true,"criteria":"cpe:2.3:a:tinymce:spellchecker_php:2.0.6:*:*:*:*:*:*:*","matchCriteriaId":"5DE98361-6EE0-44DB-8D29-29CEEAF59FFB"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.1.0:*:*:*:*:*:*:*","matchCriteriaId":"18C6F348-DAE9-4440-8B3A-8D92ADC6606F"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.1.1:*:*:*:*:*:*:*","matchCriteriaId":"367537BF-CBDF-4CBB-91B4-6E5A567EF605"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.1.2:*:*:*:*:*:*:*","matchCriteriaId":"DABBF325-C48A-4838-AC5D-0565C78976CD"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.1.3:*:*:*:*:*:*:*","matchCriteriaId":"02B72177-DFB0-4242-9ED6-068E5751579B"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.1.4:*:*:*:*:*:*:*","matchCriteriaId":"7226EE65-CC9F-4FDA-9791-3C8047D5C04C"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.1.5:*:*:*:*:*:*:*","matchCriteriaId":"FDC55ECE-8185-4FC0-A4C9-14AABD136650"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.1.6:*:*:*:*:*:*:*","matchCriteriaId":"ADFDE1FC-992E-4610-A62D-282B448402AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.1.7:*:*:*:*:*:*:*","matchCriteriaId":"8E8EA8F6-D689-4726-9B02-0C555EFF56AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.1.8:*:*:*:*:*:*:*","matchCriteriaId":"633480C9-D415-4BF9-9185-547EAB7ADBE2"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.1.9:*:*:*:*:*:*:*","matchCriteriaId":"D4994E7C-196E-4EDC-B192-836AB3C8731B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.2.0:*:*:*:*:*:*:*","matchCriteriaId":"15A73CE2-73DA-4274-89E0-DD9A413ED17F"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.2.1:*:*:*:*:*:*:*","matchCriteriaId":"39075F6E-2925-4897-B1DE-C86A066DF54B"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.2.2:*:*:*:*:*:*:*","matchCriteriaId":"179DBC2B-B35F-4A19-B522-DF996D5E13E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.2.3:*:*:*:*:*:*:*","matchCriteriaId":"FA527724-B44E-46B6-BA53-A83B012EA376"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.2.4:*:*:*:*:*:*:*","matchCriteriaId":"31A8CAEA-CCCF-4678-B61E-0FFE439890DB"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.2.5:*:*:*:*:*:*:*","matchCriteriaId":"3C22E1EB-57DA-4E3C-BF38-29E2F50AEBF2"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.2.6:*:*:*:*:*:*:*","matchCriteriaId":"25F99A03-DD94-4380-8E6B-C95D3A57D6EF"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.3.0:*:*:*:*:*:*:*","matchCriteriaId":"BFD575CF-2AF2-443F-841D-F7E25FBD455A"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.3.1:*:*:*:*:*:*:*","matchCriteriaId":"AC2A1954-E30F-40EC-BA59-40D29573E7D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.3.2:*:*:*:*:*:*:*","matchCriteriaId":"25EA194F-BE9D-49A8-AA35-FC7810C06643"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.3.3:*:*:*:*:*:*:*","matchCriteriaId":"2C3888D8-8219-4DE4-8E6C-84F58AFD3B15"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:2.4.0:*:*:*:*:*:*:*","matchCriteriaId":"B8E52813-E056-4A5C-8BF5-4DD5EF5BF041"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2012","CveId":"6112","Ordinal":"1","Title":"CVE-2012-6112","CVE":"CVE-2012-6112","Year":"2012"},"notes":[{"CveYear":"2012","CveId":"6112","Ordinal":"1","NoteData":"classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 and other products, does not properly handle control characters, which allows remote attackers to trigger arbitrary outbound HTTP requests via a crafted string.","Type":"Description","Title":"CVE-2012-6112"},{"CveYear":"2012","CveId":"6112","Ordinal":"2","NoteData":"2013-01-27","Type":"Other","Title":"Published"}]}}}