Forums | Mahara Community

Security Announcements /
Security issue relating to XSS <1.8.7, <1.9.5, <1.10.3, <15.04.0


Robert Lyon's profile picture
Posts: 681

17 April 2015, 14:49

A maliciously created .swf file can have it's code executed when user tries to download the file.

Category: XSS
Severity: High
Versions affected: <1.8.7, <1.9.5, <1.10.3, <15.04.0
Reported by: Aaron Wells
Bug reports: https://bugs.launchpad.net/mahara/+bug/1190788
CVE reference: 2017-1000132

Edits to this post:

1 result