Mahara Community - Security Announcements - Security issue relating to cross-site scripting <16.10.7; <17.04.5; <17.10.2 - All postshttps://mahara.org/,t,8149https://mahara.org/theme/mahara-org/images/site-logo.svghttps://mahara.org/favicon.ico
Mahara
2018-01-17T17:09:35+13:00Security issue relating to cross-site scripting <16.10.7; <17.04.5; <17.10.2https://mahara.org/,8149,32666Fix user input from direct POST / GET usage
Vuln type: CSS Impact: Code execution
Mahara 16.10 before 16.10.7, 17.04 before 17.04.5 and 17.10 before 17.10.2 are vulnerable to a user submitting a potential dangerous payload, e.g., XSS code, to be passed in as POST or GET data.