|
Wed, 22 Apr 2009, 1:09 AM
|
A vulnerability in html2text, a third-party package bundled with Mahara, may allow remote attackers to execute arbitrary code via text that is converted from HTML to plain text. Upgrading to Mahara 1.1.3 is strongly recommended for all sites currently using the Mahara 1.1 series. The 1.0 series is not affected by this problem. |