Forums | Mahara Community

Security Announcements /
Security issue relating to the file browser <19.04.6, <19.10.4, <20.04.1

This topic is closed. Only moderators and the group administrators can post new replies.
Robert Lyon's profile picture
Posts: 756

04 August 2020, 16:13

Avoid file or folder names containing JavaScript from being executed

Severity: High
Vulnerability type: Cross Site Scripting (XSS)

In Mahara 19.04 before 19.04.6, 19.10 before 19.10.4, and 20.04 before
20.04.1, certain places could execute file or folder names containing

Reported by: Adesh Nandkishor Kolte
Bug report:
CVE reference: CVE-2020-15907

1 result