Cross site Scripting(XSS) Vulnerability in Mahara 1.6
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mahara |
Fix Released
|
High
|
Aaron Wells | ||
1.6 |
Fix Released
|
High
|
Aaron Wells |
Bug Description
Hi Mahara Security Team,
I have found a Persistent/Stored Cross site scripting (XSS) vulnerability in Mahara version 1.6.
What is Cross site scripting(XSS): http://
The vulnerability exists in the following link:
http://
For example, in a note such as http://
When the notes page(http://
Fix it as soon as possible.
Thanks.
M.R.Vignesh Kumar(@
description: | updated |
Changed in mahara: | |
milestone: | none → 1.5.8 |
Changed in mahara: | |
status: | New → Fix Released |
importance: | Undecided → High |
assignee: | nobody → Aaron Wells (u-aaronw) |
information type: | Private Security → Public Security |
no longer affects: | mahara/1.7 |