Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2009-2170

Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0 before 1.0.12 and 1.1 before 1.1.5 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.

Related bugs and status

CVE-2009-2170 (Candidate) is related to these bugs:

Bug #390471: Cross-site scripting vulnerabilities

		In	Importance	Status
390471	Cross-site scripting vulnerabilities	mahara (Ubuntu)	Undecided	Invalid
390471	Cross-site scripting vulnerabilities	mahara (Ubuntu Intrepid)	Medium	Invalid
390471	Cross-site scripting vulnerabilities	mahara (Ubuntu Jaunty)	Medium	Fix Released
390471	Cross-site scripting vulnerabilities	mahara (Ubuntu Karmic)	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://mahara.org/inte...