Forums | Mahara Community

Security Announcements /
XSS in Mahara 1.2.6 and 1.3.3


This topic is closed. Only moderators and the group administrators can post new replies.

24 March 2011, 8:13 PM

Category: Cross-site scripting
Severity: Medium
Versions affected: < 1.2.7, < 1.3.4
Reported by: Mahara user
Identifier: CVE-2011-0439

A cross-site scripting vulnerability in the Pieforms select box was identified during a security review commissioned by a Mahara user.

Upgrading to Mahara 1.2.7 or 1.3.4 is recommended for all sites.

1 result