Forums | Mahara Community

Security Announcements /
XSS in Mahara 1.1.6 and 1.0.12


This topic is closed. Only moderators and the group administrators can post new replies.
François Marier's profile picture
Posts: 411

29 October 2009, 17:34

Category:Cross-site scripting
Severity:Medium
Versions affected:< 1.0.13, < 1.1.7
Reported by:Sven Vetsch
Identifier: CVE-2009-3299

A cross-site scripting vulnerability has been found in the resume blocktype.

Upgrading to Mahara 1.0.13 or 1.1.7 is recommended for all sites.

1 result