Mahara ePortfolio System

Mahara Community

Forums > Security Announcements

XSS in Mahara 1.0.11 and 1.1.4

This topic is closed. Only moderators and the group administrators can post new replies.
Posts: 411
21 June 2009, 10:51 PM

Category:Cross-site scripting
Severity:Major
Versions affected:< 1.0.12, < 1.1.5
Reported by:Mahara Team
Identifier: CVE-2009-2170

A few cross-site scripting vulnerabilities have been found in Mahara.

Upgrading to Mahara 1.0.12 or 1.1.5 is strongly recommended for all sites.

Edits to this post: