{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<P><SPAN class=\"textit\">Xoops</SPAN> versions 2.5.4 et  ant\u00e9rieures.</P>","content":"## Solution\n\nMettre Xoops \u00e0 jour en version 2.5.5.\n","cves":[{"name":"CVE-2012-0984","url":"https://www.cve.org/CVERecord?id=CVE-2012-0984"}],"links":[],"reference":"CERTA-2012-AVI-223","revisions":[{"description":"version initiale.","revision_date":"2012-04-20T00:00:00.000000"}],"risks":[{"description":"Injection de code indirecte \u00e0 distance"}],"summary":"Des vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans <span\nclass=\"textit\">Xoops</span>. Elles concernent des injections de code\nindirectes \u00e0 distance via le module <span class=\"textit\">PM</span> et\n<span class=\"textit\">tinymce</span>. De plus, plusieurs biblioth\u00e8ques\nsont mises \u00e0 jour dans la version 2.5.5 de <span\nclass=\"textit\">Xoops</span>.\n","title":"Vuln\u00e9rabilit\u00e9s dans Xoops","vendor_advisories":[{"published_at":null,"title":"Notes de la version 2.5.5 de Xoops du 16 avril 2012","url":"http://xoops.org/modules/news/article.php?storyid=6284"}]}