Forums | Mahara Community

Security Announcements /
Security issue relating to XSS <1.8.7, <1.9.5, <1.10.3, <15.04.0


Robert Lyon's profile picture
Posts: 776

17 April 2015, 14:44

A maliciously created .xml file can have it's code executed when user tries to download the file.

Category: XSS
Severity: High
Versions affected: <1.8.7, <1.9.5, <1.10.3, <15.04.0
Reported by: Roman Mironov
Bug reports: https://bugs.launchpad.net/mahara/+bug/1404117
CVE reference: 2017-1000140

Edits to this post:

1 result