Vulnerability type: XSS
Attack type: Local
Impact: Code execution
Affected components: The adding or displaying of tags on pages or content
Attack vectors: If a person creates a tag in a certain way then shares the page with others then when they view the page the tag can cause code execution.
Suggested description: In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, certain tag syntax could cause code execution.
For the security forum post:
Vulnerability type: XSS
Attack type: Local
Impact: Code execution
Affected components: The adding or displaying of tags on pages or content
Attack vectors: If a person creates a tag in a certain way then shares the page with others then when they view the page the tag can cause code execution.
Suggested description: In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, certain tag syntax could cause code execution.
Reported by: Dominic Couture /bugs.launchpad .net/mahara/ +bug/1944633
Bug report: https:/
CVE reference: TBC