Category: | Cross-site scripting |
Severity: | Major |
Versions affected: | < 1.0.11, < 1.1.3 |
Reported by: | Mahara Team |
Identifier: | CVE-2009-0664 |
Cross-site scripting vulnerabilities have been found in the "introduction" user profile field as well as in text blocks in user views.
Upgrading to Mahara 1.0.11 or 1.1.3 is strongly recommended for all sites.
]]>