Forums | Mahara Community

Security Announcements /
Security issue relating to XSS <1.10.9, <15.04.6, <15.10.2


Son Nguyen's profile picture
Posts: 28

24 March 2016, 11:59 AM

XSS vulnerability due to window.opener (target="_blank" and window.open())

Category: XSS

Severity: High

Versions affected: <1.10.9, <15.04.6, <15.10.2

Reported by: Catalyst security team

Bug reports: https://bugs.launchpad.net/mahara/+bug/1558361

CVE reference: 2017-1000149

Edits to this post:
1 result